Privacy Policy
This Privacy Policy of INSTITUT D’INVESTIGACIÓ BIOMÉDICA DE BELLVITGE (IDIBELL) regulates the collection, use, and other forms of processing of personal data provided by users on the website p-cmrc.cat. Thus, it also provides complementary information to the data processing carried out from different strategic areas of this program.
If you make contact through the e-mails included in the website, you accept the inclusion and processing of the data they provide in the processing of personal data, of which INSTITUT D’INVESTIGACIÓ BIOMÉDICA DE BELLVITGE (IDIBELL) is the holder, being able to exercise the related rights according to the exposed in the following clauses.
All legal texts are available to users and / or interested in the corresponding website. These texts may be modified and/or updated according to the needs and activities carried out by INSTITUT D’INVESTIGACIÓ BIOMÉDICA DE BELLVITGE (IDIBELL).
In the following sections, we answer some questions that may arise concerning how these data are treated and what are the commitments we assume when accessing, storing, and disposing of the information that may eventually be collected.
The collection and processing of personal data that can be provided are carried out by IDIBELL, and in this case, through its data processors, who are third parties with whom IDIBELL has established an express service contract, and in which the conditions have been set so that the management of the data is by the law. These third parties are required by contract that their activity respects the law and that they implement the appropriate security measures to protect these rights.
The primary legal basis of the processing of your personal data for browsing through the IDIBELL website is your consent, provided by the acceptance of the notice of the use of cookies, or in the case of not accepting or rejecting, for continuing browsing knowing their existence. It is also understood that there is express consent if you make the first contact through the e-mails included on the website, providing personal data.
Regardless of the information collected through cookies, you can browse most of the pages of IDIBELL without providing any personal information.
In the event that the processing of your personal data could be based on some other basis of legitimacy, you would be expressly informed prior to registering personal information.
IDIBELL only collects the strictly necessary data to offer the services derived from its activity and other benefits, procedures, and activities attributed by law. On this website, only the data provided by Users is processed. The data that can be obtained from the user will be treated for the management of your contact data to resolve doubts, suggestions, or requests of a professional nature.
As a follower user in social networks, the processing will be carried out to manage and publish content or information that may appear your profiles or walls and that we think may be of interest.
As a user candidate for a job offered by P-CMR[C], an internship or research project of IDIBELL, or any other person who has opted for an IDIBELL candidacy or has presented spontaneously for a similar purpose, you will also be accepting the processing of your personal data to apply for a position, maintain communication concerning the status of the candidature, to access the delivered CV, as well as on the candidate’s social networks; to compare that your data is in accordance with the offers announced by IDIBELL and to verify, where appropriate, that the information provided is accurate. This information can be shared with other co-managers of the processing that are linked to the purpose of the application, which will be expressly informed at the time of data collection.
Finally, as a person who has given biological samples to the STEM CELL BANK, the purposes of the processing will be expressly communicated before the collection of personal data, which, for your safety, will go through a pseudonymization process, by the current regulation.
L’IDIBELL collects data exclusively to the extent necessary to achieve a specific purpose. The information will not be used for a purpose incompatible with that described.
These data will be guarded and managed with the highest reasonable diligence applying the limitation and minimization criteria.
IDIBELL has included all the technical and organizational measures at its disposal to prevent the loss, misuse, alteration, unauthorized access, and theft of the personal data it guards. Likewise, in the event of a security incident that seriously jeopardizes the confidentiality and availability of your data, IDIBELL will follow the mandatory notification protocols to the competent authority, and the interested parties affected.
When the legitimate basis of the processing is based on the consent of the interested party, the personal data will be kept as long as it does not state otherwise, unless, for logical and evident reasons, they have lost the utility or the legitimate purpose for which they were collected. It is reported that those personal data collected through an application that does not end with the incorporation of the candidate in IDIBELL, will be kept for a maximum period of one year.
When the legitimate basis of the processing is based on the fulfillment of a legal and/or contractual obligation, the personal data will be kept, once the relationship that links the interested party with the IDIBELL for the time necessary to face the derived legal responsibilities. From the same. In this sense, it is expressly informed that the legally established conservation periods are:
- Ten years in cases related to IDIBELL accounting and taxation, as determined in the General Tax Law of December 16, and according to the periods of prescription of criminal liability derived and included in Organic Law 10/1995 of November 23.
- Ten years as regards the contractual obligations acquired by the IDIBELL, except for claims related to periodic payments that must be made for years or terms plus prices, remuneration for the provision of services and works, claims for the sale price of consumption, which will be kept for a period of 3 years, as provided in Law 29/2002, of December 30. First Law of the Civil Code of Catalonia.
- Three years regarding data that may be linked to other non-contractual obligations, as provided in Law 29/2002, of December 30. First Law of the Civil Code of Catalonia.
- Thirty years regarding data associated with cells, tissues, and any biological material of human origin according to Law 14/2007, of July 3, on biomedical research, once the project, study, or trial is finished, for which they were collected.
- Fifteen years regarding the data included in the informed consent, according to Law 21/2000, of December 29, on the rights of information about the health and autonomy of the patient, and the clinical documentation of the Department of the Presidency of the Autonomous Community of Catalonia.
- Five years regarding genetic data, since they were obtained, except that their conservation is necessary to preserve the health of the person from whom it comes or of third parties related to it according to Law 14/2007, of July 3, of investigation biomedical.
Your data can be communicated to third parties who help us provide Information Technology services, and comply with the legal and contractual obligations assumed by IDIBELL
IDIBELL has adopted the appropriate technical and organizational measures to guarantee the adequate use of data by these third parties, and if the aforementioned data processing implies the international transfer of data, especially for the use of services hosted in the cloud, ensures that the third party complies with the obligations outlined in the current data protection regulations.
If you want more information about which third parties your data may have been transferred, you can request it through the e-mail dataprotection@idibell.cat.
Right not to be subject to wholly automated decisions and without human intervention if it may have legal effects on the interested party or may significantly affect it, as long as the interested party’s explicit consent has not been obtained or is authorized by EU law or the State.
If you need more information about what rights are recognized in the law and how to exercise them, we recommend that you contact our Data Protection Delegate at dpd@ticsalutsocial.cat or at the Catalan Data Protection Agency, which is the control authority in terms of data protection, with whom you also have the right to request your protection before a possible data protection information.
- An e-mail to the mailbox, dataprotection@idibell.cat, indicating your full name, along with a copy of your ID or similar and the right you wish to exercise over your data.
- A letter with the same information at the address: Gran Via de l’Hospitalet, 199-203, 2nd floor, Hospitalet de Llobregat.
- If you have doubts about how to do it, you can also call us: 93 260 74 11.
IDIBELL recommends that, before introducing the data in any or some of the data collection sheets of this website, carefully read the legal notice, cookie policy, and privacy policy.
In any case, the user is responsible for the authenticity of the data provided, which are accurate, updated and complete for the purpose for which they are provided, assuming responsibility for damages, both for lost profits and for emerging damage, which may be generated by such inaccuracies or falsehoods.
Both the access to the websites and the use that can be made of the information and contents included in them will be of the exclusive responsibility of whoever makes it. Therefore, the use that may be made of the information, images, content reviewed and accessible through it, will be subject to the law, whether national or international, applicable, as well as the principles of good faith and lawful use by users, who will be entirely responsible for such access and proper use. Users will be obliged to make reasonable use of the services or content, under the principle of good faith and with respect for existing law, morality, public order, good customs, the rights of third parties or the IDIBELL itself, all according to the possibilities and purposes for which they are designed.
IDIBELL assumes no liability, whether direct or indirect, for consequential damages or lost profits, arising from the misuse of services or content made by users or third parties.
Privacy Policy Social Networks
Following the duty of information established in Regulation (EU) 2016/679 of April 27 (GDPR) and LO 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights, INSTITUT D’INVESTIGACIÓ BIOMÉDICA DE BELLVITGE (from now on, IDIBELL), wishes to inform the users of any social network of its domain the policy regarding treatment and protection of personal data of those who voluntarily they access and they can use them.
The access and use of these social networks by the user implies that they expressly accept this privacy policy and that they give their consent to the processing of their personal data foreseen in it.
Personal data provided voluntarily by the user to IDIBELL, through its official website of the social network will be part of a data processing responsibility of RESPONSIBLE, by e-mail, fax, SMS, MMS, social communications or any other electronic or physical means, present or future, that enables commercial communication, sending a newsletter to those users who subscribe expressly, exchange information with IDIBELL, and other users and establish contact with third parties.
From the moment the user uses the official website of the social network, their free, unequivocal, specific, informed, and express consent is given for the processing of their personal data by IDIBELL.
The user is free to use the official page of IDIBELL, in any social network of his domain, so that in case the user does not agree with the processing of their data with such purposes, he should not use it or provide his personal information.
Through the official page of the responsible social networks, the user can share texts, photos, videos, and other training and / or content that will be subjected to both this policy and rules and conditions of the platform.
The user may only publish on the official pages of the social networks of the person in charge of the personal data, photographs, and information or other content whose ownership belongs to him or in respect of which he holds the authorization of third parties.
IDIBELL shall have the right to remove from its official pages of social networks – unilaterally and without prior communication or permission of the user – any content published by the user when it infringes or violates current legislation, the rules set out in this policy and the provisions of the platform.
The user is advised that all the information and contents will be published on the official pages of the social networks of the person in charge may be known by remaining users of the official website and the social network platform. Consequently, all information and content published by the user on the official website of RESPONSIBLE, in this social network, will be the subject of a communication to the rest of the users by the very nature of the service.
IDIBELL has only planned the realization of assignments or communications of data that, because of the current regulations, must be made to judges, courts, public administrations, and competent authorities of an administrative nature.
- It is recommended that all users use pseudonyms or personal nicks with which to operate over the Internet, allowing them to have a real “digital identity,” which does not jeopardize the safety of their personal and professional lives.
- It is recommended that users take special care when publishing audiovisual and graphic content in their profiles, as in this case, they may be putting at risk the privacy and intimacy of people around them.
- It is recommended to review and read, both before user registration and subsequently, the general conditions of use and privacy policy that the platform makes available on their websites.
- It is recommended that the degree of privacy of the user’s profile on the social network be configured appropriately in such a way that it is not entirely public, but only those persons who have been previously cataloged as “friends” or “direct contacts” by the user have access to the information published on the profile.
- It is recommended to accept as a contact only those people known or with whom you have a previous relationship, not compulsively accepting all requests for communication you receive and investigating whenever possible and necessary, who is the person requesting contact through the social network.
- It is recommended not to publish in the user profile physical contact information, which allows anyone to know where he lives, where he works, or studies daily or the leisure places he frequents.
- Users of microblogging tools are advised to take special care concerning the publication of information regarding the areas in which they are at any moment.
- It is recommended that you only use and publish content for which you have sufficient intellectual property rights. Otherwise, the user will be committing a civil offense that can be protected by national courts.
- It is recommended to use passwords with a minimum length of 8 characters, alphanumeric, and with the use of upper and lower case letters.
- It is recommended that all users have installed and correctly updated antivirus software on their computers.
- Minors should not reveal excessive personal data. Never provide data to strangers.
- All information concerning the website should be read. It explains who are its holders and the purpose for which the data is requested.
- Usernames and passwords should not be communicated to third parties, nor shared among friends or classmates. These data are private and should not be communicated to third parties and/or unknown.
- Whenever there is any doubt regarding a situation arising from the use of social networks and collaborative tools, parents or guardians should be asked.
- Activate parental control and platform control tools, as well as establishing the parent’s or guardian’s e-mail as secondary contact e-mail.
- Make sure age verification checks are in place.
- Ensure the correct installation of the content blocker.
Twitter: https://twitter.com/privacy
Linkedin: https://twitter.com/privacy
Flickr: https://www.flickr.com/help/privacy
Youtube: https://support.google.com/youtube/answer/2801895?hl=es
Telegram: https://telegram.org/privacy