Privacy Policy

Fundació TIC Salut Social processes data for various reasons, as outlined below:

(1) – The management and selection of personnel (employees)
(2) – The management of patient data in projects we manage (patients)
(3) – Subscribers and particpants
(4) – Business management (customer and supplier data of physical persons)

The following table contains detailed information (second layer) on each type of processing:

Data Processing: complete or second-layer information
Processing undertaken

(1) – The management and selection of personnel (employees)
(2) – The management of patient data in projects we manage (patients)
(3) – Subscribers and participants
(4) – Business management (customer and supplier data of physical persons)

Responsible for processing
Fundació Tic Salut Social
CIF: G64350374
C/ Roc Boronat, 81 – 95,
08005 Barcelona.
Tel: +34 93 553 26 42
Email: info@ticsalutsocial.cat
Individual responsible for data protection: Josuè Sallent Ribes
Email: dpd@ticsalutsocial.cat

Purpose and terms of data storage

(1) – Personal data will be processed in order to manage human resources, health and safety, training and administer our payroll. The data will be stored once the employment relationship has ended, while respecting the mandatory conservation periods covered by employment legislation. In the case of CVs, with the consent of the interested party, they will be retained, for a period of one year.
(2) – Patient data will be processed solely for the purpose of providing the contracted management services, only in those projects where it is strictly necessary and in which it is expressly stated in the contract. The information will only be processed during the duration of the project or contract, and subsequently during the storage terms required to meet our contractual obligations.
(3) – Subscribers and participants’ data will be collected and processed solely for legitimate purposes of marketing and provision of the services provided by the person responsible for processing. It will be stored until the consent of the interested party is withdrawn.
(4) – Data from customers and suppliers that are natural persons will be processed exclusively for commercial purposes, specifically for communication, billing and accounting. Once the corresponding employment relationship has ended, the data will be stored only for the conservation period stipulated in the relevant fiscal and accounting legislation.

No automated decision-making is used in any data processing

Lawfulness

(1) – The legal basis for the processing of data is the performance of a contract to which the data subject is party or in order to take steps prior to entering into a contract Art. 6.1.b) RGPD. With regard to CVs, the legal basis for the processing is the consent of the data subject, which may be withdrawn at any time. Art. 6.1.a) RGPD.
(2) – The legal basis of the processing is the execution of a commercial contract signed with a client or provider or to take steps prior to entering into a contract. Art. 6.1.b) RGPD.
(3) – The legal basis for the processing of subscriber data or of participants in an event is the consent of the data subject, who is entitled to withdraw said consent at any time. Art. 6.1.a) RGPD.
(4) – The legal basis for the processing of data is the performance of a contract with a client or provider or in order to take steps prior to entering into a contract or the adoption of pre-contractual measures. Art. 6.1.b) RGPD.

Whenever the basis of the processing is Art. 6.1.b) RRGPD, the data subject may refuse to provide the data, but this will result in subscribing or fulfilling a contract becoming more difficult or impossible.

Recipients

(1) – Personal data may be communicated to the Social Security administration and trade unions.
(2) – Only the person responsible for data processing will have access to data from patients collected or processed in the context of a project.
(3) – The legal basis of the processing is the consent of the interested party, who will be entitled to withdraw said consent at any time. Art. 6.1.a) RGPD.
(4) – The personal data of clients or suppliers will only be communicated to public auditing entities, as required by fiscal and accounting legislation

Rights

The rights of access, rectification, deletion and portability of your personal data, may be exercised by contacting the Data Protection Officer at dpd@ticsalutsocial.cat, or by writing to the address of the person responsible for the treatment. Please provide proof of identity by including a copy of your National Identity Document or equivalent.

In the event that the legal basis of the processing is the provision of consent, the data subject has the right to withdraw consent at any time.

Should any discrepancy arise, the data subject will also have the right to file a complaint with the Catalan Data Protection Authority or equivalent authority.