Universidades españolas con Ucrania

Privacy policy

Universidad Privada de Madrid (Alfonso X El Sabio University, UAX), as the data controller, hereby informs you that, in accordance with the provisions set out in the General Data Protection Regulation (EU) 2016/679 (GDPR), Law 3/2018, on Personal Data Protection and Guaranteeing Digital Rights (LOPDGDD, using its Spanish acronym), and Law 34/2002, on Information Society Services and E-Commerce (LSSICE, using its Spanish acronym), we will process your data in the manner set out in this Privacy Policy.
This document aims to provide you with a simple, clear, transparent explanation as to how we process and protect your personal information and your rights. Your safety and that of your personal data is important to us and we take their suitable protection very seriously.

This policy was updated on 21 June 2021.

UAX reserves the right to amend this policy to adapt it to new legislative, doctrinal or jurisprudential aspects that are applicable, or for technical, operational, commercial, corporate and business reasons, and it will be duly published here. As such, we recommend you read this policy in detail every time you access this platform.
Furthermore, UAX may personally inform you in advance of the changes planned for this policy, before the amended policy comes into force, provided that this is technically and reasonably possible.

WHO IS THIS POLICY AIMED AT AND WHO DOES IT APPLY TO?

This policy is aimed at and applicable to all website users (members of the UAX community, campus visitors, employees, suppliers, etc.) who are considered identified or identifiable natural persons.

WHO IS THE DATA CONTROLLER RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA?

The personal data collected during browsing on the website www.uax.com, and particularly via the completion and sending of the forms made available on this site, whether the corporate site or others linked to .uax.es subdomains and with a link to this privacy policy, will be processed by the entity Universidad Privada de Madrid, S.L. (UAX), with tax identification number (NIF) A78518529, and a registered address at Avenida de la Universidad, 1, 28691 Villanueva de la Cañada, Madrid, in its role of Data Controller, in accordance with the General Data Protection Regulation (EU) 2016/679, Law 3/2018, on Personal Data Protection and Guaranteeing Digital Rights (LOPDGDD) and with all other personal data protection regulations in force and applicable.

WHO IS THE DATA PROTECTION OFFICER (DPO)?

UAX has appointed a Data Protection Officer (DPO) who will ensure compliance with data protection regulations at the university. If they desire, users may contact this individual with any questions they have regarding the processing of their personal data and to exercise their rights as set out in the GDPR. Users can contact our DPO using the following contact details: dpd@uax.es

WHAT TYPES OF DATA DO WE PROCESS?

The data you provide through the different website forms may vary depending on the purpose; however, we will always ask for personal data that is appropriate, pertinent and limited to data that is strictly necessary, within the following categories:

  • Direct personal identification data.
  • Personal contact data.
  • Data on personal characteristics or circumstances.
  • Academic data.
  • Professional data.
  • Economic and/or banking data.
  • Health-related data relevant to managing medical appointments in the scope of the UAX Clinic.

WHAT ARE THE PURPOSES AND LEGAL BASES FOR US PROCESSING YOUR DATA?

In general, the purposes for processing your personal data in the scope of the UAX are related to compliance with our legal and contractual obligations linked to our teaching and research activity, management of our administrative and auxiliary services inherent to a university centre, management of requests for information, and actions of academic and institutional outreach.

The personal data you provide will be processed for the purposes indicated specifically in the information notices shown alongside the website forms, which are mainly the following:

  • Registration and management of your personal account as a member of the UAX Community. Legal basis: express consent of the interested party.
  • Participation in admission processes. Legal basis: execution of precontractual measures at the behest of the interested party.
  • Management of campus visit requests. Legal basis: express consent of the interested party.
  • Management of residential accommodation. Legal basis: execution of a service provision agreement in which the interested party is a party.
  • Academic management. Legal basis: execution of an educational service provision agreement in which the interested party is a party.
  • Accounting, economic, fiscal and administrative management resulting from the transactions linked to the services rendered. Legal basis: execution of a service provision agreement in which the interested party is a party, as well as compliance with legal obligations arising from applying fiscal, accounting and administrative legislation.
  • Management tasks carried out in the scope of the International Relations Office (IRO). Legal basis: execution of student exchange agreements in which the interested party is a party.
  • Necessary communications with students. Legal basis: existence of legitimate interest arising from the relationship established with UAX and execution of a service provision agreement in which the interested party is a party.
  • Management of subject recognition processes. Legal basis: compliance with legal obligations.
  • Management of private grants and processing of public grants. Legal basis: compliance with legal obligations.
  • Organisation of sporting and cultural activities, as well as events linked to the university in general.
  • Access control and registration of vehicles for security purposes. Legal basis: existence of public interest.
  • Video surveillance of the facilities for security purposes. Legal basis: existence of public interest.
  • Management of the job bank. Legal basis: express consent of the interested party.
  • Sending, via any channel (including electronic), of commercial communications related to products and/or services supplied/provided by UAX. Legal basis: existence of legitimate interest resulting from the existence of a contractual or precontractual relationship.
  • If your express consent has been obtained, sending of commercial communications, via any channel (including electronic), related to products and/or services supplied/provided by subsidiaries of the Grupo Guadarrama Proyectos Educativo. Legal basis: existence of express consent.
  • Resolution of questions and/or queries about our products or services, via the different channels made available to this end (email, telephone, etc.). Legal basis: existence of express consent linked to sending of your request.
  • Use of photographs and images on the website and social media profiles pertaining to UAX. Legal basis: express consent or, where applicable, legitimate interest. 
  • Uses associated with the platform's essential cookies, in accordance with the provisions set out in our Cookies Policy. Legal basis: existence of express consent.
  • Management of medical appointments. Legal basis: execution of a contract or precontractual measures in which the interested party is a party.
  • Management of veterinary assistance appointments. Legal basis: execution of a contract or precontractual measures in which the interested party is a party.

HOW LONG DO WE STORE YOUR DATA FOR?

All personal data you provide will be stored for the time necessary to fulfil the purposes for which they were collected and at least one of the legally established legal bases applies.

You can find more information about our storage periods and criteria here. In general, when personal data are no longer necessary for the processing purposes for which they were collected, they will be suppressed such that they may not be processed - nor viewed - except in cases when they must be stored, duly blocked, and kept at the sole disposition of judges and courts, the Public Prosecution Service or the competent public administrations, particularly the data protection authorities, to demand possible liability resulting from processing and only within the limitation period.

WHAT ARE CONSEQUENCES IF YOU DO NOT PROVIDE YOUR DATA?

We try to ask you for or apply the minimum data required for the forms of personal data processing we carry out in developing our business and social purposes. Of course, we do this in accordance with the principles set out in applicable regulations.

Failure to supply your personal data may mean you are unable to: 1) correctly browse our platform (failure to accept technical or session cookies); 2) access certain contents or services (for example, if you do not supply the data required to receive our newsletter you will not receive it or the information or contents associated with it); 3) have your applications or registrations processed (for example, due to failing to complete - or insufficiently completing - the corresponding form or application).

Users will be fully responsible for the personal data and information they provide and, where applicable, the products or services that they require or hire from us.

DO WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES?

Your personal data may be accessible to external auxiliary suppliers and service providers hired by UAX whose activity requires that said data be processed, such as providers offering hosting services, computer maintenance, cyber security, private security, etc. In these cases, these providers will be considered data processors, which means they are contractually obliged to following UAX’s instructions in terms of personal data protection. UAX will carry out the corresponding controls, inspections and audits in this regard to check said data processors strictly comply with their legal and contractual obligations in matters of personal data protection.

On the other hand, when there is a legal basis to do so, your personal data may be transferred to:

  • Other companies in the Grupo Guadarrama Proyectos Educativo and UAX Foundation for the sending of commercial information, if your express consent is obtained in this regard.
  • Parents/guardians who, as payers of the academic fees of the students linked to them, have asked to be informed of their academic performance and qualifications.
  • For creation of the student card and use of the mobile application your data will be transferred to the Banco Santander. 
  • Bodies and organisations of the public administrations, administration of justice, law enforcement forces and agencies when legally applicable.
  • Insurance entities linked to student insurance. 

ARE YOUR PERSONAL DATA TRANSFERRED INTERNATIONALLY?

Some forms of personal data processing, such as exchange or cooperation programmes, may involve international transfers of data to entities located outside the European Economic Area. In these scenarios, UAX will comply with the requirements set out by the Spanish Data Protection Agency and the European Union, ensuring that all international transfers of personal data are carried out based on any of the legally established guarantee instruments. (https://ec.europa.eu/info/law/law-topic/data- protection/international-dimension-data-protection/standard-contractual-clauses-scc_en).

WHAT RIGHTS DO YOU HAVE AND HOW CAN YOU EXERCISE THEM?

You may exercise the rights that correspond to you in line with data protection regulations in force, which are:

  • Right to request access to the personal data related to the interested party.
  • Right to request that incorrect data be rectified.
  • Right to request that data be eliminated.
  • Right to request processing be limited.
  • Right to oppose processing.
  • Right to data portability.
  • Right to not be the subject of individual automated decisions.
  • Withdrawal of consent.

To exercise any or several of these rights, you must send your written request to the email address lopd@uax.es.

If you would like further information on your rights related to data protection or if you would like to file a claim, please contact the Spanish Data Protection Agency.

ARE SECURITY AND PROTECTIVE MEASURES APPLIED TO YOUR PERSONAL DATA?

Bearing in mind the nature, scope, context and indicated purposes of processing, as well as the risks of varying likelihood and severity to your rights and freedoms, UAX applies (and will continue to apply) appropriate technical and organisational measures to guarantee the due security and protection of your personal data, considering privacy criteria from design and applying a system focused on the concurrent risk, which will be reviewed and updated by UAX when necessary.

Furthermore, we continuously undertake research to improve these measures and we invest in both new tools and R&D.

Academic and administration staff have been trained and received information on data protection, and specifically how to process the information containing personal data that they must handle in their job post, and how to act in the event of an incident.

CONTACT PAGE

Alfonso X El Sabio University’s email addresses are published on our contact pages for exclusively academic and administrative purposes. Using these for different purposes, particularly commercial purposes or the mass sending of emails (spam), will be considered contrary to article 5 of the GDPR, and article 21 of Law 34/2002, and the competent data protection authorities will be informed.