PRIVACY POLICY

Entidad: NIF: Domicilio: Correo electrónico: Teléfono:

Last updated: 26 June

1. Data Controller

In accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the applicable data protection legislation, users are informed that the personal data provided through this website will be processed by:

Entity: Altekio Iniciativas hacia la sostenibilidad, S. coop. Madrid
Tax ID (NIF): F85301315
Registered Address: Paseo de las Acacias, 3 1º A 28005 Madrid
Email: cooperativa@altekio.es
Telephone: 917585961

2. Purpose of the Processing

The personal data collected through this website will be processed for the following purposes:

a) Handling Enquiries and Information Requests

To manage and respond to enquiries, requests for information, suggestions or communications submitted by users through the contact forms or any of the communication channels provided on the website.

b) Management of Courses and Training Activities

To manage the registration, enrolment, purchase, organisation, delivery and monitoring of courses, training activities and other services offered by the association.

c) Management of the Online Learning Platform

To create and manage user accounts required to access the Moodle-based online learning platform, manage login credentials, monitor students’ academic progress and facilitate access to educational resources.

d) Administrative and Financial Management

To manage payments, invoicing, collections, issuance of certificates and any other administrative procedures arising from participation in courses or activities organised by the association.

e) Recruitment and Job Applications

To manage CVs and applications submitted through the careers form or any other channel made available for participation in current or future recruitment processes related to the association’s activities.

3. Categories of Data Processed

Depending on the purpose of the processing, the following categories of personal data may be collected:

  • Full name.
  • Identification document details where required.
  • Postal address.
  • Email address.
  • Telephone number.
  • Academic and professional information contained in CVs.
  • Information required for registration in courses and training activities.
  • Data related to participation and progress within the Moodle learning platform.
  • Information contained in enquiries or communications submitted by users.

4. Legal Basis for Processing

The legal grounds for processing personal data are:

  • The user’s consent when completing and submitting forms available on the website.
  • The performance of a contract or the implementation of pre-contractual measures when a user enrols in or purchases a course or training activity.
  • Compliance with legal obligations applicable to the association.
  • The legitimate interests of the association in the proper management of its educational, organisational and administrative activities.

5. Data Retention

Personal data will be retained for as long as necessary to fulfil the purposes for which they were collected and, subsequently, for the periods required by applicable law to address any potential liabilities.

As a general rule:

  • Data submitted through contact forms will be retained for as long as necessary to respond to the relevant request.
  • Student and participant data will be retained for the duration of the relationship and subsequently for the legally required retention periods.
  • Data relating to completed courses may be retained for the period necessary to verify participation and issue certificates or duplicate certificates where appropriate.
  • CVs and job applications may be retained for a maximum period of two years from receipt unless the applicant requests their deletion beforehand.

6. Recipients of the Data

As a general rule, personal data will not be disclosed to third parties unless required by law.

However, personal data may be accessed by service providers necessary for the operation of the association and the website, acting as data processors and subject to the appropriate contractual and legal safeguards.

In addition, for the management of payments related to courses or training activities, the association uses external payment service providers. When users select an electronic payment method, the information required to process the transaction will be handled directly by the relevant financial institution or payment service provider.

The association does not store or have access to complete payment card details used during the payment process.

7. Online Learning Platform

The association operates an online learning platform accessible through its own subdomain and based on Moodle.

Students’ personal data will be processed for the following purposes:

  • Creating and managing user accounts.
  • Providing access to educational content.
  • Managing academic activities.
  • Monitoring learning progress.
  • Issuing certificates, diplomas or other credentials where applicable.
  • Ensuring the proper operation of the platform.

8. International Data Transfers

As a general rule, the association seeks to ensure that personal data are processed within the European Economic Area (EEA).

However, certain technology providers used by the website or related services may involve international data transfers. In such cases, transfers will only take place where appropriate safeguards are in place in accordance with applicable data protection legislation.

9. Google Analytics

This website uses Google Analytics to obtain statistical information about website usage and to improve the services provided.

The information collected is aggregated and used exclusively for analytical purposes.

Analytical cookies will only be installed after the user has provided consent through the website’s cookie management system.

Further information can be found in the Cookie Policy.

10. Data Subject Rights

Users have the right to:

  • Request access to their personal data.
  • Request the rectification of inaccurate personal data.
  • Request the erasure of their personal data where applicable.
  • Request the restriction of processing.
  • Object to the processing of their personal data.
  • Request data portability.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, users may contact the association using the postal or email address provided in this Privacy Policy.

Requests must include sufficient information to identify the applicant and specify the right being exercised.

11. Complaints to the Supervisory Authority

If you believe that the processing of your personal data does not comply with applicable legislation, you have the right to lodge a complaint with the competent data protection supervisory authority.

12. Information Security

The association implements the technical and organisational measures necessary to ensure a level of security appropriate to the risks involved and to prevent the loss, alteration, unauthorised processing or unauthorised access to personal data.

However, users should be aware that security measures on the Internet are not completely infallible.

13. Changes to this Privacy Policy

The association reserves the right to modify this Privacy Policy in order to adapt it to legislative developments, decisions of supervisory authorities or changes in the services provided.

Any changes will be published on this page and will become effective from the date of publication.