Privacy Policy for the Red de Parques Tecnológicos de Euskadi (‘Basque Network of Technology Parks’) (RPTE)

Details of the Responsible Party:
RED DE PARQUES TECNOLÓGICOS DE EUSKADI (RPTE), made up of the following organisations:

  • Parque Científico y Tecnológico de Bizkaia (‘Bizkaia Science and Technology Park’), holding Fiscal Identification Number (NIF) A48177752 and headquartered at Ibaizabal Bidea, 101 – 48170 Zamudio. Contactable by email at bizkaia@parke.eus.
  • Parque Tecnológico de Álava (‘Álava Technology Park’), holding Fiscal Identification Number (NIF) A01128974 and headquartered at Hermanos Lumiere, 11 – 01510 Vitoria-Gasteiz. Contactable by email at alava@parke.eus.
  • Parque Científico y Tecnológico de Gipuzkoa (‘Gipuzkoa Science and Technology Park’), holding Fiscal Identification Number (NIF) A20479275 and headquartered at Pº Mikeletegi, 53 – 20009 San Sebastián. Contactable by email at gipuzkoa@parke.eus.

Who is the Responsible Party for data processing?
The present Privacy Policy applies to all of the personal data provided by the Interested Party to the RPTE, as well as any physical person interested in the activities and services that the RPTE offers through its web pages and through any other means of communication. The objective of the RPTE Privacy Policy is to provide transparent information about how we process your personal data in compliance with current data protection regulations.

The RPTE is a group of the three Technology Parks in Euskadi supported by the Basque Government under the mission of promoting the diversification of industry and the transfer and diffusion of innovation and technology in Euskadi.

The Interested Party may contact the RPTE using the contact information outlined in the ‘Details of the Responsible Party’ section.

For what purpose are personal data processed and what is the legal basis for this?
The RPTE keeps a Register of Processing Activities which provides detailed information about each of the following processing activities undertaken as the Responsible Party for data processing:

GDPR PROCESSINGGDPR PURPOSELEGAL BASIS
ApplicationsManagement of CVs belonging to individuals presenting themselves for selection processes, self-nominations, internships and work poolsExplicit consent
Pre-contractual relationship
CommunicationsLegitimate interestCompliance with Law 34/2002Legitimate interestCompliance with Law 34/2002
Contracts and tendersManagement of contracting processesContractual relationships
Contact people managementManagement of the contacts database (people associated with clients, suppliers, institutions, public authorities and companies in general)Legitimate interest for the purpose of maintaining business and commercial relations.
Events managementConsent of the Interested Party, where applicableLegitimate interestCompliance with Law 34/2002
Contractual relationships
Interesdunaren onespena, hala dagokionean.
Interes legitimoa.
34/2002 Legea betetzea
Kontratu-harremana
Video surveillanceThe recording and viewing of images through cameras to safeguard the security of the facilitiesLegitimate interest

In the duly justifiable event that users wish to receive more detailed information about the Register of Processing Activities they may contact PARKE using any of the channels established.

For how long are personal data retained?
The RPTE shall retain the data of the Affected Parties for the duration of their relationship with the organisation. Subsequent to this, the data will be retained in accordance with the provisions of regulations for files and documentation as established by applicable legislation. In the event that a right is requested, data will be erased on the basis of the right that has been requested.a.

Who has access to personal data?
The RPTE may transfer or communicate personal data in order to fulfil its obligations with the Public Administrations in cases in which this is required as part of legislation in place at any given time.

What rights do the Affected Parties have?
We inform users that the following rights may be exercised:

  1. The right to access personal data in order to know which data are the object of processing;
  2. The right to rectify any incorrect personal data;
  3. The right to erase personal data, where possible;
  4. The right to request the restriction of the treatment of personal data when the accuracy, legality or necessity of the data processing is questionable, in which case we may retain the data for the exercise or defence of claims.
  5. The right to oppose the processing of personal data, when the legal basis provided is of legitimate interest. The RPTE will cease to process data unless there is a compelling legitimate interest to do so or for the formulation, exercise or defence of claims.
  6. The right to the portability of your data, when the legal basis provided for the processing of the same is your consent.

These rights may be exercised free of charge by the Interested Party, and where applicable the representative of the same, by sending a written request to rgpd@parke.eus

In addition to the previously-mentioned rights, the Interested Party shall have the right to withdraw the consent granted at any time, without this withdrawal of consent affecting the legality of processing prior to the withdrawal of said consent. The RPTE may continue to process the data of the Interested Party to the extent that applicable legislation allows this.

The RPTE emphasises that the Interested Party has the right to present a claim before the competent Supervisory Authority in the country in which they are based.

Baja en el servicio del envío de comunicaciones comerciales
El interesado tiene derecho a revocar en cualquier momento el consentimiento prestado para el envío de comunicaciones comerciales con la simple notificación a la RPTE por la cual informa que no desea seguir recibiendo comunicaciones comerciales. Para ello, el interesado podrá pinchar en el enlace incluido en cada comunicación cancelando el envío de comunicaciones comerciales electrónicas o bien revocar su consentimiento mediante comunicado a rgpd@parke.eus

Which security measures have we implemented?
The RPTE is committed to fulfilling its obligation of ensuring the secrecy of personal data and of its right to protect these, and it shall adopt the measures that are required to prevent their unauthorised access, processing, alteration or loss, in accordance with the provisions of applicable legislation.

The RPTE has implemented the technical and organisational security measures that are required to ensure the security of your personal data and to prevent their unauthorised access and/or processing, alteration or loss, in line with the state of the technology, the nature of the data stored and the risks to which these data are exposed, whether as a result of human, physical or natural actions, in accordance with the provisions of applicable legislation.

Links
The web page may include hyperlinks to other sites that are not operated or monitored by the RPTE. The RPTE is therefore unable to guarantee, nor to assume any responsibility for, the legality, reliability, utility, accuracy or timeliness of the contents of such websites or those of their privacy practices. Before providing your personal information to third-party websites separate from the RPTE, please be aware that their level of compliance in terms of data protection may differ from our own.

Modification of the Privacy Policy
The RPTE may modify its Privacy Policy in accordance with legislation applicable at any time. In any event, any modification to the Privacy Policy shall be duly communicated to the Affected Party so that the latter is informed about the changes made to the processing of their personal data, and, in the event that applicable legislation requires this, the Affected Party may grant their consent.

Latest update of the RPTE Privacy Policy: 14 September 2018