1/ User information
The purpose of these conditions of use is to inform the user of the data protection policy implemented by the IIS La Fe. Accessing, browsing and using this website implies knowledge and acceptance of these conditions and the privacy and personal data protection policy.
Through this website the user can provide personal data through contact forms (Collaborate, Employment and Suggestions). The user will be entirely responsible for the access, correct use and statements made on this website, subject to these conditions of use. IIS La Fe disclaims any liability for failure to comply with this requirement.
This website is intended exclusively for users over 18 years of age. The user acknowledges that he/she is over 18 years of age, that he/she is the owner of the data provided in the personal data request forms, and also guarantees that he/she is the owner, subscriber or user of the mobile phone and e-mail address provided.
The personal data provided by the user shall in all cases be adequate, relevant and not excessive in relation to the scope and specific and legitimate purposes for which they are to be obtained.
The user is responsible for the truthfulness, accuracy, legality and updating of the data provided through this website. The user must inform IIS La Fe of any changes to their personal data so that the entity can keep them duly updated, by sending an e-mail to protecciondedatos@iislafe.es. The user will be solely responsible for any direct or indirect damage that may be caused to IIS La Fe or any third party as a result of filling in the forms with false, inaccurate, incomplete or out-of-date data.
2/ Principles governing the processing of personal data
The privacy and personal data protection policy of the IIS La Fe is supported by the application of the following principles.
This set of fundamental principles has been formulated based on the requirements established in the RGDP.
- Principle of lawfulness, fairness and transparency: Personal data shall be processed lawfully: with the consent of the data subject, for the performance of a legal obligation or of a task carried out by the IIS La Fe in the public interest or in the exercise of official authority; fairly and transparently in relation to the data subject.
- Purpose limitation principle: Personal data shall be collected for specified, explicit and legitimate purposes and shall not be further processed in a way incompatible with those purposes; further processing of personal data for archiving purposes in the public interest, scientific and historical research purposes or statistical purposes shall not be considered incompatible with the initial purposes.
- Data minimisation principle: Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy principle: Personal data shall be accurate and, where necessary, kept up to date; all reasonable steps shall be taken to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are erased or rectified without delay.
- Principle of limitation of the data retention period: Personal data shall be kept in a form which permits identification of data subjects for as long as is necessary for the purposes of the processing and thereafter for the legally required periods. Personal data may be retained for longer periods provided that they are processed for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, without prejudice to the implementation of appropriate technical and organisational measures imposed by the GDPR in order to protect the rights and freedoms of the data subject.
- Principle of integrity and confidentiality: Personal data shall be processed in such a way as to ensure appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, by implementing appropriate technical or organisational measures. IIS La Fe and data processors, as well as all persons involved at any stage of the processing, shall be bound by a duty of confidentiality.
- Principle of proactive responsibility: The controller shall be responsible for compliance with the principles set out in this section and shall be able to demonstrate compliance with the provisions of the GDPR and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights.
3/ Information on data protection
- Data controller
The Fundación para la Investigación del Hospital Universitario y Politécnico La Fe de la Comunidad Valenciana (hereinafter, IIS La Fe), is RESPONSIBLE FOR THE PROCESSING of the personal data provided by the user through this website. The data controller's details are:
Titular: Fundación para la Investigación del Hospital Universitario y Politécnico La Fe de la Comunidad Valenciana
CIF: G97067557
Registered Office: Avenida Fernando Abril Martorell, 106, Hospital La Fe, Torre A, planta 7 - 46026 Valencia (España)
Phone: + 34 96 124 67 00
Email: protecciondedatos(ELIMINAR)@iislafe.es
Register: Registered in the Register of Foundations of the Generalitat Valencia by resolution dated 20 November 2002, under number 369-V.
Web site: https://www.iislafe.es
DPO: dpd(ELIMINAR)@gva.es
The personal data that may be collected directly from interested parties through this website will be incorporated into the corresponding processing activity owned by IIS La Fe and will be treated confidentially in accordance with the provisions of current regulations on the protection of personal data, specifically, Regulation (EU) 2016/679, of 27 April 2016, (RGPD) on the protection of natural persons with regard to the processing of personal data and the free movement of such data and Organic Law 3/2018, of 5 December, (LOPDGDD) on the protection of personal data and the guarantee of digital rights.
- Purpose
The purpose of the processing of personal data corresponds to each of the processing activities carried out by IIS La Fe, all of which are related to the performance of the procedures concerning the biomedical research area created between the Hospital Universitario y Politécnico La Fe, the University of Valencia, the Polytechnic University of Valencia, the Higher Council for Scientific Research, the Foundation for Research at the Hospital Universitario La Fe de la Comunidad Valenciana and the IVI Foundation.
In relation to the processing of personal data provided by the user through this website, the purpose of the processing is described in the purposes described in the corresponding form or contract (suggestion box, Collaborate, Employment), with the following purposes, among others, being foreseen:
- Management and processing of requests or any type of request made by the user through the forms of contact made available to them through the website.
- Sending communications by email, fax, SMS/MMS, social networks or any other electronic or physical means that makes such communications possible. These communications will be made by the Controller and related to its activities and services, or by its collaborators with whom it has reached an agreement related to the purpose of the processing, which may be made through any of the means provided by the User.
- Legitimation
The processing of website users' data is carried out in order to comply with legal obligations on the part of IIS La Fe, for the fulfilment of missions carried out in the public interest or in the exercise of the execution of a contract, as well as when the purpose of the processing requires the consent of the user, which will have been requested when registering on the website or through the forms provided by IIS La Fe.
The basis of legitimacy for the issuance of communications by email, fax, SMS/MMS, social networks or any other electronic or physical means that makes such communications possible is the express consent of the interested party, as well as the provisions of Law 34/2022, of 11 July, for the sending of information by electronic communications.
- Origin of the data
The personal data are provided by the interested party when filling in the forms on this website in which he/she accepts the processing of his/her personal data, without prejudice to being able to exercise his/her rights at a later date in accordance with the provisions of section g).
In the event that the user provides personal data of third parties, he/she must previously inform them of the content of these conditions and the circumstances relating to the processing of their personal data, as well as obtain their prior consent. Information relating to minors or incapacitated persons requires the prior consent of the parent, guardian or legal representative.
We inform you that the completion of the personal data provided in the different forms is voluntary but necessary to carry out the requested management, so the User must guarantee its accuracy and validity. The fields marked with an asterisk in the data collection forms are obligatory in order to carry out the management requested, so refusal to provide them will prevent their management or the information or service provided may not be completely adjusted to your needs. It is understood that the user is informed and expressly accepts these conditions and privacy and personal data protection policy if they activate the "check box" or press the "Send/Continue/Accept" or similar button found on the data collection forms.
- Data retention
The personal data provided will be kept for the time necessary to fulfil the purpose for which they are collected and, when it is no longer necessary for that purpose, they will be kept duly blocked for as long as they are necessary to comply with a legal obligation or for the formulation, exercise and defence of claims.
Likewise, personal data provided for the issuance of communications by email, fax, SMS/MMS, social networks or any other electronic or physical means that enables such communications to be made shall be retained as long as such consent is not revoked by the users or until they object to the processing for the purpose of receiving communications.
In accordance with the applicable regulations, personal data will be kept available only at the disposal of the authorities to determine legal responsibilities and for the period of limitation of these.
- Transfer of data
For all purposes, the IIS La Fe is the recipient of the treatment, and personal data will not be transferred to third parties, except for legal obligations.
All data will be treated with absolute confidentiality, not being accessible to third parties for purposes other than those for which they have been authorised.
The IIS La Fe may communicate personal data to third party collaborators or service providers, exclusively for the purposes of the processing foreseen and for the correct functioning of the IIS La Fe. In any case, these communications of data that may be made will be made as a processing order by said third parties, which will imply access by the third party to the personal information. In this sense, IIS La Fe will have the corresponding processing assignment contracts with the third parties that process or access the personal data of IIS La Fe, in compliance with the provisions of the Data Protection regulations.
Likewise, the data will be communicated to the Public Administrations in order to comply with legal obligations.
- User rights
Any person has the right to obtain confirmation as to whether or not the IIS La Fe is processing their personal data.
Users who provide their personal data have the right to request from the Data Controller access to their personal data, and rectification or erasure, or restriction of processing, or to object, as well as the right to data portability.
In particular, the data subject may request the restriction of the processing of his or her data in the circumstances set out in art. 18 of the GDPR, in which case the data will only be kept for the exercise or defence of possible claims.
Where the processing is based on the data subject's consent, the data subject may withdraw such consent at any time by objecting to the processing of his or her data for a specific purpose, without this affecting the lawfulness of the processing based on the consent prior to its withdrawal, in which case his or her personal data shall only be kept for the exercise or defence of possible claims.
Likewise, the data subject may request the deletion of his/her data when they are no longer necessary for the fulfilment of the purposes for which they were collected.
Interested parties may exercise their rights by sending a letter to the Fundación para la Investigación del Hospital Universitario y Politécnico La Fe de la Comunidad Valenciana at Avenida Fernando Abril Martorell, 106, Hospital La Fe, Torre A, planta 7 - 46026 Valencia (Spain), or via the following e-mail address: protecciondedatos(ELIMINAR)@iislafe.es provided that the request is made from the registration account in our database. Your request must include the date, name and surname, the request in which the request is made, as well as the address for the purpose of notifications. In order to dispel any reasonable doubt as to the identity of the natural person submitting the request, you may be asked to provide the DNI or document of a similar or analogous nature, in order to confirm your identity.
The IIS La Fe undertakes to respond to requests sent to it, either by e-mail or by letter. In this regard, IIS La Fe will respond within one month of receiving the request. However, the possibility of a two-month extension must be taken into account, depending on the complexity of the request, as well as the number of requests. Such an extension shall be notified within one month of receipt of the request.
Possibility of contacting the Data Protection Delegation
Interested parties may contact the Data Protection Delegation of the Generalitat Valenciana regarding all matters relating to the processing of their personal data and the exercise of their rights under the RGPD.
Their contact details:
Delegación de Protección de Datos de la Generalitat
Paseo de la alameda, 16. 46010 Valencia
E-mail adress: d(ELIMINAR)pd(ELIMINAR)(ELIMINAR)@gva.es
Complaint to the Spanish Data Protection Agency (Agencia Española de Protección de Datos)
Data subjects also have the possibility of lodging a complaint with the national supervisory authority for data protection (Agencia Española de Protección de Datos - AEPD), especially when they have not received a satisfactory response in exercising their rights through the electronic office accessible on the website https://www.aepd.es, or through their physical address.: C/ Jorge Juan, 6, 28001-Madrid.
4/ Additional information
- Access to your data by third parties
An optimal provision of the service that IIS La Fe offers through its website may require other third party service providers to access the User's personal data as data processors.
By accepting this Privacy Policy, the User understands that some of the aforementioned service providers may be located in countries outside the Spanish state, but within the European Union. In the event that a data processor is located outside the European Economic Area or does not offer a level of security equivalent to that of Spain. In these cases, transfers will be based on the authorisation of the Directorate of the Spanish Control Authority, in standard model clauses approved by the Commission. For further information on the above guarantees or on the fact that they have been provided, you may contact the IIS La Fe by the means set out in section 3.a).
- Data maintenance
The interested party undertakes to keep the data provided to IIS La Fe duly updated. When the data provided by the interested party is false, incomplete, out of date or inaccurate, the interested party will be liable for any direct or indirect, material or immaterial damage that may be caused to a third party or to IIS La Fe as a result. The latter reserves the right to terminate the services provided to the interested party, as well as any relationship, without prejudice to any other actions that may be applicable by law.
- Security measures
The IIS La Fe undertakes to comply with its obligation to maintain the secrecy of personal data and its duty to protect them, and will adopt the necessary measures to prevent their alteration, loss, unauthorised processing or access, in accordance with the provisions of the applicable regulations.
Specifically, the IIS La Fe has implemented in its work centres, premises, systems, communications infrastructures, etc., the security measures required by the Personal Data Protection regulations. It has also adopted the logical, physical, organisational, contractual, etc. measures that prevent unauthorised access by third parties to the data, its destruction, modification, reproduction, disclosure, transmission or reuse.
Furthermore, in compliance with the provisions of 32.1. of the GDPR, appropriate technical and organisational measures have been implemented to ensure an adequate level of security, including, where appropriate: measures to ensure the continued confidentiality, integrity, availability and resilience of processing systems and services, measures to restore availability and access to personal data promptly in the event of a physical or technical incident, and the implementation of a process of regular verification, evaluation and assessment of the effectiveness of technical and organisational measures to ensure the security of processing.
However, whenever you provide personal information on the web, there is a risk that third parties, beyond our control, may intercept and use this information. Although IIS La Fe strives to protect personal information and your privacy, we cannot guarantee the security of any information you disclose online at your own risk.
5/ Social media policy
By becoming a fan or follower of IIS La Fe through its Facebook page, Twitter or any other social network, the user is consenting to:
- That the processing of his/her personal data in the environment of this specific social network, in accordance with its own Privacy Policy. Below are links to the privacy policies of the main social networks used by IIS La Fe.
- Facebook: http://www.facebook.com/policy.php?ref=pf
- Twitter: http://twitter.com/privacy
- Instagram: https://help.instagram.com/519522125107875
- Linkedin http://es.linkedin.com/legal/privacy-policy
- Youtube http://www.google.es/intl/es/policies/privacy/
- That the IIS La Fe accesses the data that the user has authorised to view, in accordance with his/her own privacy settings.
That the news published by the IIS La Fe appear on his/her wall, biography, etc.
In this sense, the IIS La Fe will not use the data for other purposes or to send information other than that of the IIS La Fe.
These social networks are used by the IIS La Fe to disseminate the institutional, social and research activity of the Entity and for the dissemination of scientific and educational content.
If the user wants to unsubscribe, simply select the appropriate option in the corresponding social network.
Specific rules of IIS La Fe:
- Tagging: IIS La Fe authorises users to tag it in their social networks.
- Image rights: IIS La Fe respects the image rights of users, and excludes the use of the image of minors on its social networks.
- Publications: IIS La Fe is not responsible for the different opinions, comments and content published by users, and reserves the right of moderation in the following cases:
- Expressions that are discriminatory, threatening or that violate the honour of individuals, the use of obscene language, and any comments of a vexatious, derogatory or disrespectful nature.
- Texts, graphics, photographs, videos, etc. that violate current legislation on copyright.
- Advertising of commercial products and brands. Spam.
- Publication of personal data, such as addresses, telephone numbers, e-mail accounts, etc.
- Publication of photographs in which the rights of minors or the right to privacy and self-image are not respected.
In the case of repeated behaviour of this kind, the user may be blocked.
You can contact the site administrators at the following email address: protecciondedatos(ELIMINAR)@iislafe.es
6/ Modification
The Privacy Policy established by IIS La Fe is in force from the date of its publication on the corresponding website; the user may file and/or reproduce it.
This Policy may be modified due to changes in the requirements established by the legislation in force at any given time, judicial decisions and jurisprudential changes, as well as changes in the actions of IIS La Fe. In any case, any modification of the Privacy Policy will be duly updated both on the website and on the affected forms, where the user can consult the privacy policy at any time. If necessary, IIS La Fe will inform users of the changes made to the processing of their personal data and, if the applicable regulations so require, users may grant their consent.