Confidentiality and security are key values of CRAG and, consequently, we assume the commitment to guarantee the privacy of the personal data of our users at all times and not to collect unnecessary information.
- Who is responsible for the processing of your data.
- For what purposes do we request the data we request.
- What is the legitimacy for its treatment?
- For how long we keep them.
- To which recipients communicate their data.
- What are their rights.
WHO IS THE PERSONAL DATA CONTROLLER?
Social Reason: Centre for Research in Agricultural Genomics (CRAG)
Address: Centre for Research in Agricultural Genomics, CRAG Calle de la Vall Moronta, CRAG Building 08193 Cerdanyola del Vallès (Barcelona)
WHO ARE THE STAKEHOLDERS?
The personal data processed are those of:
- People who have provided us with their data by sending email to the contact addresses published on the website to make questions or obtain information about our services and activities.
- People who send their applications to personnel selection processes and job bank.
FOR WHAT PURPOSES AND LEGITIMIZATION DO WE USE PERSONAL DATA?
At CRAG we process personal data to respond to requests for information or respond to your requests.
These personal data will be processed for the legitimate purposes indicated below.
Responding to requests for information or contact:
At CRAG we will use the contact information provided to respond to your requests and questions directed to the contact email addresses that have been published.
- Legitimate interest of CRAG for this data processing considering the reasonable expectations of the stakeholder to receive a response to their requests.
- Data of identification: First name and surname(s)
- Data of contact: Email address and optional contact phone number
Sending of candidates to open selection processes and job bank:
The personal data of the people who want to apply for the selection processes opened by the CRAG will be treated in order to validate the candidatures in the positions to which they apply, or are registered in the job bank to opt for future vacancies.
- Legitimate interest of the CRAG to manage candidates for open selection processes and considering the reasonable expectations of those interested in participating in these processes.
- Treatment necessary for the execution of a contract in which the interested party is a party or for the application at the request of this of pre-contractual measures.
- Consent expressed by the stakeholder when providing their data through the specific form for this purpose.
- The place you apply for
- Identification data: Name and Surname (s)
- Contact data: Email address and contact telephone number
- Education: Level of studies and languages
- The employment situation: Current status and category
- Curriculum and presentation letter
- Other: Country and place of residence
Analytics of visits to the website:
CRAG uses various techniques to collect information that can be used to obtain analytical data of visits and navigation through the pages of our websites.
by Google Analytics (https://policies.google.com/technologies/partner-sites)
It is important to note that, as indicated by their privacy policies, these companies can cross the browsing data with their internal records in order to use them for the personalization of ads, even if you do not have a registered account for their services.
- Legitimate interest of CRAG to obtain analytical information about the use of the website by visitors.
- Online identifiers, including identification cookies
- Identifiers of clients
- Information contained in the HTTP headers of requests sent over the Internet such as the type of device, operating system and browser from which the pages are visited.
- Information provided by the browser such as preferred language, time zone and others.
- Navigation data on the website: pages visited
More information at:
In addition to the above, the CRAG may carry out other processing of personal data. In this case the interested party will receive the necessary information in relation to these treatments and the CRAG will request their consent if necessary.
HOW LONG WILL CRAG KEEP THE DATA?
In general, the data will be kept for as long as necessary to comply with the purpose for which they were collected and to determine the possible responsibilities that may arise from that purpose and the processing of the data.
Among others, it implies that the CRAG will keep the personal data of the stakeholder for the duration of the relationship with us and, where appropriate, for the period that is necessary for the formulation, exercise or defense of potential claims, or to comply with the legal obligations determined by the applicable legislation.
In the case of the data of the candidates who send us their applications to selection processes or register in the job bank, their data will be kept if their elimination is not requested.
Once the aforementioned period has ended, the CRAG undertakes to cease the processing of all personal data, destroy, block or anonymize them as far as possible for the purpose for which they are kept.
WHO WILL THE DATA BE COMMUNICATED TO?
Personal data will not be transferred to third parties, unless necessary to respond to the request, we are bound by a law, or the interested party has given us their consent.
We may also communicate data to companies that provide us with services related to the ordinary and administrative activity of the company as processors, national or international, within the framework of the provision of services such as, among others, providers of email services, web services hosting, server hosting, SaaS management application services, cloud file and others.
The provision of these services may involve the processing of personal data by companies located in countries outside the European Economic Area (international data transfers). However, it is only done with countries that offer an adequate level of protection or, in the case of entities in the US, that are accredited under the EU-US Privacy Shield. Commission Decision (EU) 2016/1250 of 12 July 2016.
WHAT ARE THE RIGHTS OF THE STAKEHOLDERS WHEN THEY PROVIDE US WITH THEIR DATA?
At any time, the stakeholder may exercise their rights of access, rectification, deletion and portability of the personal data processed by the CRAG as well as those of opposition and limitation of its treatment.
These rights may be exercised free of charge by the stakeholder, and where appropriate by the person representing them, by written and signed request, accompanied by a copy of their ID or equivalent document proving their identity, addressed to our Data Protection Officer (DPO) who is available:
- by email: firstname.lastname@example.org
- By postmail: Av. Cerdanyola 98, esc B, 4art pis, oficina 18 – Edifici Collserola 08173 Sant Cugat del Vallès (Spain)
In the case of representation, it must be tested by written document and attaching a copy of the DNI or equivalent document that proves its representation.
In addition to the above rights, the stakeholder will have the right to withdraw the consent granted at any time by means of the procedure described above, without this withdrawal of consent affecting the legality of the treatment prior to its withdrawal. The CRAG may continue to process the personal data of the stakeholder to the extent that the applicable law allows it or any other legitimization that justifies it persists.
The CRAG reminds the stakeholder that he has the right to file a claim with the relevant supervisory authority (Spanish Agency for Data Protection).
UPDATING OF YOUR DATA
It is important that in order that we can keep your personal data updated, you inform us whenever there has been any modification in them. Otherwise, we do not respond to the veracity of the same and the implications that may have in its treatment.
SECURITY IN THE TREATMENT AND CUSTODY OF DATA
The CRAG declares that it has applied the appropriate technical and organizational measures in order to guarantee and be able to demonstrate that the treatment is in accordance with current legislation and that the protection of the rights of the stakeholder is guaranteed.
To do this, it has implemented a Management System for the Protection of Personal Data in order to determine and apply the technical and organizational means at its disposal to avoid the loss, misuse, alteration, unauthorized access and theft of the data provided by users, without prejudice to inform that the security measures on the Internet are not impregnable.
Likewise, the CRAG has launched internal controls to verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to guarantee the safety of the treatment.
Please read our Cookies Policy carefully before continuing to browse our website.