Privacy Policy

This Privacy Policy regulates the use of the Internet portal service https://fadq.org/ whose responsible party for identification purposes is:

The Data Controller guarantees compliance with current regulations on personal data protection, reflected in Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons (GDPR) and in Organic Law 3/2018, of December 5, on Personal Data Protection and Guarantee of Digital Rights (LOPDGDD).

Below, we inform you in a general manner about the uses of your personal information, which uses and processing are detailed subsequently.

  • Data Controller: AVEDIS DONABEDIAN FOUNDATION FOR THE IMPROVEMENT OF HEALTHCARE QUALITY
  • Tax ID: G59026716
  • Address: C/ PROVENÇA Nº293 PRINCIPAL
  • Phone: 932076608
  • Email: protecciondatos@fadq.org

Principles, Which ones do we apply in data processing?

In the processing of your personal data, the Data Controller will apply the following principles that comply with the requirements of the GDPR:

  • Principle of lawfulness, fairness and transparency: The Data Controller will always require consent for the processing of personal data which may be for one or several specific purposes about which the Data Controller will inform the User previously with absolute transparency.
  • Data minimization principle: The Data Controller will only request strictly necessary data for the purpose or purposes for which it is requested.
  • Storage limitation principle: The Data Controller will keep the collected personal data for the time strictly necessary for the purpose or purposes of the processing.
  • Principle of integrity and confidentiality: The collected personal data will be processed in such a way that their security, confidentiality and integrity is guaranteed.

The Data Controller takes the necessary precautions to prevent unauthorized access or misuse of its users' data by third parties.

Data origin, Where do we obtain your data from?

The collected personal data comes directly from the information provided by users through the Data Controller's website.

1. We collect this information through the following means:

  • Contact form: We request personal contact data to respond to the requirements of the Data Controller's users. The personal data collected through this form will be processed only to address your query or request. They will not be transferred to third parties, except legal obligation.
  • Newsletter form: Through your registration you authorize the Data Controller to send you commercial communications about products and services related to the activity of the website managed by the Data Controller.
  • Job bank form: We request personal contact data, in accordance with current data protection regulations, we inform you that the personal data you provide through this form will be processed by the Data Controller for the purpose of managing your participation in staff selection processes. Your data will not be transferred to third parties except legal obligation.
  • Registration form: The personal data we process comes directly from the interested party through completing the enrollment form or potential enrollment request. The purpose of collection is to manage the admission process, place reservation, enrollment and other related administrative procedures.
  • Login data to create an account on the Website (such as email address and password).

Your personal data is treated with maximum confidentiality, the Data Controller having adopted the necessary technical and organizational measures to guarantee the confidentiality and security of personal data, preventing their alteration, loss, processing or unauthorized access.

In order for You to receive information and, where appropriate, be able to reserve or use the products and services that the Data Controller offers through its website, it is necessary that you inform us of certain personal data necessary to personalize our services and adjust them to your interests and needs. We remind you that it is the user's duty to inform us of any changes that occur in your data to the Data Controller that you have registered on our sites, to proceed with their maintenance in the corresponding files.

What purpose will we use your data for, what is the legal basis for these processing activities and how long will we keep them?

Purpose Legal Basis Retention
Provision of services you request from us Contractual relationship 5 years, from the end of the relationship.
Sending information about activities by email or postal mail Contractual relationship and consent Until consent is revoked.
Information request Consent Until consent is revoked.
Labor personnel management Contractual relationship and legal obligation 5 years
Supplier management Contractual relationship and legal obligation 5 years
Compliance with legal and contractual obligations Contractual relationship and legal obligation 10 years

Who will be able to access and know the content of your data?

To comply with the aforementioned purposes, the following persons and entities may have access to personal data. Their access will be limited to the data necessary to perform the Data Controller's functions. Confidentiality agreements or specific agreements regulating access to information, security measures and the use that can be made of the data have been signed with all recipient entities and persons. The following may have access to the data

  • Personnel duly authorized by the Data Controller
  • Public administration within the scope of their competences.

Legitimacy, What is the legal basis for processing your data?

The legal basis for processing your data will be based on:

  • The data subject's consent, for the processing of their data, in accordance with Article 6(1)(a) of the General European Data Protection Regulation. It is understood that the user accepts this privacy policy by checking the box "I have read and accept the privacy policy" found in data collection forms, or if a message is sent by email to the contact addresses listed on the website.
  • The necessary performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, in accordance with Article 6(1)(b) of the General European Data Protection Regulation.

You may revoke your consent in accordance with Article 13(2)(c) of GDPR 679/2016. It is an order that the data subject gives to the Data Controller notifying them that they withdraw the consent they had granted.

Recipients, Who do we communicate your data to?

Personal data will not be transferred except in compliance with legally established obligations or to support services linked to this processing.

Cookies Policy

For this Website to function properly it needs to use cookies, which is information that is stored in your web browser.

You can consult all information related to the cookie collection and processing policy on the Privacy Policy page.

Rights, What are your rights when you provide us with your data?

As a consequence of the processing of your personal data by the Data Controller, current legislation grants you a series of rights. Below, we offer you a brief explanation of each right to facilitate their exercise:

  • Right of access: You will have the right to know the personal data we process about you and the purposes for which we process them. Regulated in Article 15 of GDPR 679/2016.
  • Right of rectification: Your data will always be yours, and as such, you can request their rectification at any time if those in our records were incorrect. Regulated in Article 16 of GDPR 679/2016.
  • Right to erasure: Consists of asking the data controller to delete any information about the data subject. Erasure involves blocking all data and keeping them available to public administrations during the period provided for the statute of limitations to exercise legal actions. Regulated in Article 17 of GDPR 679/2016.
  • Right to restriction of processing: Regulated in Article 18 of GDPR 679/2016. You may request the restriction of processing in the following cases
    • If you consider that the data we maintain about you is not correct or accurate;
    • If, in case you consider that we are not processing your data legitimately, but prefer that we restrict their processing instead of their deletion;
    • If the data we maintain is no longer necessary for the purpose for which we collected it, but you need us to keep it to file legal claims;
    • If, having exercised the right to object to any processing, you are awaiting our response regarding this matter.
  • Right to data portability: You will have the right to, whenever technically possible and reasonable, request that the personal data you have provided to us directly be communicated to another data controller. If possible, we will directly provide your data to that other data controller, but if not possible, we will provide them to you in a standard format. Regulated in Article 20 of GDPR 679/2016

You can exercise the rights you hold by addressing the Data Controller through any of the following means:

  • By email addressed to the corresponding Data Controller, as contemplated in the header of the document.
  • Postal mail addressed to the corresponding Data Controller, as contemplated in the header of the document.

If you do not wish to exercise a specific right, but need to make a query or suggestion regarding the processing of your personal data, you can also address the corresponding Data Controller.

Data Protection Officer

We have appointed Inforpyme Servicios Informáticos S.L. as Data Protection Officer, whose contact email is dpd@consulpyme.com. As described in Article 38 of the General Data Protection Regulation, data subjects may contact the Data Protection Officer regarding all issues related to the processing of their personal data and the exercise of their rights under this Regulation.

Complaint to the Supervisory Authority

If you believe that your rights have been disregarded by our entity, you may file a complaint with the Spanish Data Protection Agency, through any of the following means:

  • Electronic office: www.agpd.es
  • Postal address: C/ Jorge Juan, 6, 28001, Madrid
  • Telephone: Tlf: 901 100 099/ 912663517

Filing a complaint with the Spanish Data Protection Agency does not entail any cost and does not require the assistance of a lawyer or solicitor.

Minor consents, What happens if you are underage?

In the event that any of our services are specifically aimed at children under fourteen years of age, we will request the consent of parents or guardians for the collection of personal data or, where appropriate, for the automated processing of data in accordance with Article 7 of the LOPDGDD.

Accuracy, truthfulness and security of data, How do we process your data?

The User is solely responsible for the truthfulness and correctness of the data included, exempting us from any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them properly updated. The user agrees to provide complete and correct information in registration or subscription forms. We are not responsible for the truthfulness of information that is not our own creation and for which another source is indicated, therefore we also assume no responsibility for any hypothetical damages that may arise from the use of such information.

We also reserve the right to update, modify or delete the information contained on the website, and may even limit or not allow access to such information.

We will not be liable for any damage or harm that the User may suffer as a result of errors, defects or omissions in the information provided by the data controller, provided it comes from external sources.

Data will be treated confidentially and subject to appropriate technical and organizational security measures to prevent their alteration, loss, processing or unauthorized access.