Your privacy is important for us! This Privacy Policy explains how we respect the personal data of the users (from now on “data subjects”) that is why we inform you that this website complies with the General Data Protection Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 (GDPR), the Spanish Act 3/2018 of 5 December (LOPD) and the Spanish Act 34/2002 of 11th July, on Information Society and E-commerce Services (LSSICE) and all the other data protection legislation in force.
EUROPEAN COLLEGE – EC BUSINESS SCHOOL S.A.U. (from now on “EU Business School”) respects the protection of personal data -stated above- the privacy of data subjects and the confidentiality and security of the personal data, and adopts for this purpose technical and organizational measures to avoid the loss, misuse, alteration, unauthorized access and theft of the provided personal data, taking into account the current state-of-the-art, nature of the data and the risks to which they are exposed.
This Privacy Policy can be subject to periodical revisions with the aim to update the changes in accordance with the legislation in force in order to update our practices regarding collection, use and disclosure of the information. Those changes will be in force since the publication on the website. For this reason the periodical revision of this Privacy Policy in order to keep it updated.
Controller of the Processing
Omnes Education and EU Business School as a member of the Omnes Education Group; Hereinafter referred to as EU Business School.
Omnes Education: O & D ORGANISATION ET DEVELOPPEMENT, SASU; Immeuble Greenelle, 43 quai de Grenelle, 75015 PARIS; TVA number: FR18445260169; ID number RCS Paris 445 260 169. See the privacy policy in their website: www.omneseducation.com/mentions-legales-donnees-personnelles/#politique-confidentialite.
EU Business School: European College-EC Business School SA, ID number A63265110, domiciled at Av. Diagonal 648 bis, 08017 Barcelona (Spain)
Contact for Data Protection purposes:
EU Business School; Av. Diagonal 648 bis, 08017 Barcelona (Spain)
Telephone number (+34) 932 018 171
email: privacy@euruni.edu
EU Business School DPO is carried out by an external service provider. You can contact our DPO at dpo@euruni.edu.
Processed Personal Data
The personal data processed by EU Business School obtained from this website comes from the different contact forms, all of them in addition to this policy with their own data protection information.
Data subjects | Categories of Data to Processing |
Consultants (provide information about) |
a) Identification data: name and surname. b) Contact information: email, phone number and country |
Newsletter subscribers |
a) Identification data: name and surname. b) Contact information: email, phone number and country |
Students applicants |
a) Identification data: name and surname. |
Applicants for a job |
a) Identification data: name and surname. b) Contact information: email, phone number and country c) Information related to the potential unlawful behaviour, e.g. employment data, tax data, economic data, etc. |
PURPOSES
The main purpose why we collect data through this website is the rendering of services in order to comply with the purposes of EU Business School. The services rendered are the following:
- Provide information and advice about the Omnes Education Group.
- Provide information and advice for Admissions.
- Offering publicity and advertisement about the educational programs.
- The possibility to apply for a job
- The possibility to subscribe and receive a newsletter
We never ask for personal information unless it’s really necessary to render our services.
LEGITIMACY
The legal basis for applicants for a job or students applicants is for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
The legal basis for the other processing is the consent given by the data subject by completing the corresponding application form.
TRANSFERING DATA TO THIRD PARTIES
Omnes Education and EU Business School share information:
- Among entities of the EU Business School Group, which are also subject to this privacy policy EU Business School Group entities are the following:
- European College-EC Business School SA, ID number A63265110, domiciled at Av. Diagonal 648 bis, 08017 Barcelona (Spain)
- EU SA, ID number CHE-184.069.647, domiciled at Rue Kléberg 6, 1201 Geneva, Switzerland.
- EU Business School Munich GmbH, ID number DE266910318, domiciled at Theresienhöhe 28, 80339 Munich, Germany.
- EU Business School SA, ID number CHE-184.069.647, domiciled at Rue Kléberg 6, 1201 Geneva, Switzerland.
- With services renderers: EU Business School and the Omnes Education Group entities hire other companies in order to develop certain function on their behalf. Some of those functions are: managing payrolls and offering legal and economic services, cleaning services, collection and destruction of documents, IT services, security services. Consequently, those third parties will have access to personal information which is necessary to develop their functions, but they will not use it for other purposes or addition objectives. Moreover, they will treat that information in accordance with this Privacy Policy and the applicable legislation in Data Protection matters.
Nonetheless, we inform you that EU Business School and the Omnes Education Group entities will be allowed to transfer information about the used whenever the Law provides so and when Administrative and/or Judicial Authorities require it.
Furthermore, EU Business School and the Omnes Education Group entities also reserve the right to disclose and/or transfer Personal Information to a third party in the event of a proposed or actual purchase, sale all or part of the business or assets. If such sales or transfers are carried out, EU Business School and the Omnes Education Group entities will make all reasonable efforts in order to make the buyer or transferee to use such information in a compatible way with our Privacy Policy. Once made the purchase or transfer, the use will be able to contact with the acquiring entity to formulate any doubts regarding his/her Processing.
CLOUD COMPUTING
In EU Business School we use a cloud computing system. Through it the personal data will also be transferred to the cloud computing managed by Microsoft Ireland Operations Ltd located in the Region Europe, Modul4 serveis informatics s.l. located in France and Calvet, they are all located under GDPR territory and thus, covered by the same data protection legislation.
Therefore, data will be kept no longer than necessary to achieve the purposes of this agreement, and once accomplished just the strictly necessary data will still be stored the necessary time to fulfill all the obligations stated by Law.
SOCIAL MEDIA
EU Business School has presence at different social media. The process of personal data following the official profiles of EU Business School will not only be treated by this privacy policy, but also by the terms of use, privacy policies and regulations to access belonging to that specific social network, so if more information is required consult the data protection policy of each social network.
INTERNATIONAL TRANSFERS
EU Business School has international providers, so your data may be processed outside the European Union or the European Economic Area.
In any case, EU Business School will ensure that data processing is always protected with the appropriate guarantees, which may include:
- Standard Clauses approved by the EU: these are contracts approved by the European regulator, and which provide sufficient guarantees to guarantee that the processing complies with the requirements established by the European Data Protection Regulation.
- Third-party certifications: framework agreement between the EU and a third state that establishes a standardized framework for data processing in accordance with the requirements of the European Data Protection Regulation.
TIME WE KEEP YOUR DATA
EU Business School shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of the storage.
When the storage period has expired, the personal data will be routinely blocked or erased in accordance with legal requirements. Once this period has expired, the data will be deleted definitively.
Moreover, data will be erased when the requirement from the interested subject is made.
RIGHTS OF THE DATA SUBJECT
Each data subject have the following rights:
- Right of access
Each data subject shall have the right granted by the European legislator to obtain from the controller free information about his or her personal data stored at any time and a copy of this information.
- Right to rectification
Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure (Right to be forgotten)
Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay Right of restriction of processing
- Right to object
Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6 (1) of the GDPR. This also applies to profiling based on these provisions.
- Right to restriction of processing
Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the Controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
The data subject has objected to processing pursuant to Article 21 (1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
- Right to data portability
Each data subject shall have the right granted by the European legislator, to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format, and to transmit directly from one controller to another, where technically feasible and does not adversely affect the rights and freedoms of others.
How to exercise all those rights:
Each data subject may exercise their rights of access, rectification, erasure, object, restriction of processing and portability of their personal data:
- By sending an e-mail to [email protected] with a copy of them ID.
- By sending a letter with a copy of them ID to Av. Diagonal 648 bis, 08017 Barcelona (Spain).
Each data subject may revoke at any time their consent to sending commercial and advertising communications by communicating it by any of the aforementioned means.
For the resolution of any doubt or question regarding our Privacy Policy you can contact our DPO at dpo@euruni.edu.
Furthermore, interested subjects will also have the right to lodge an appeal before the supervisory authority if the Processing of the data is considered contrary to the GDPR. In this case, the Authority is the Agencia Española de Protección de Datos (the Spanish Data Protection Agency) located at C/ Jorge Juan, nº 6, 28001 Madrid (Spain). You should send your questions/request to http://www.agpd.es/ or to the aforementioned address.
SECURITY MEASURES
EU Business School guarantees that they have adopted the appropriate technical, administrative and organizational measures in their facilities, systems and processes, necessary to guarantee the security of their personal data and to prevent their alteration, loss, theft, disclosure or unauthorized use; all in accordance with the provisions of the Data Protection Legislation in force.
COMMERCIAL MAIL
In accordance with the LSSICE, EU Business School does not SPAM. We do not send commercial mails unless they have been required by the web used. Consequently, in each website Form, the user can check the box to give his/her consent to receive advertising.
ACCURACY AND VERACITY OF DATA
The user sending the information to the website and other gates is the only responsible of the veracity and correction of their data, exonerating EU Business School and the Omnes Education Group entities of any responsibility on this regard. The users will guarantee and answer, in any case, about the precision, validity and authenticity of the personal data provided and undertaken to keep them up to date as required.
Privacy Policy, state as of: 04.11.2022.