General privacy policy of the website

• Data Controller: COLEGIO UNIVERSITARIO DE ESTUDIOS FINANCIEROS. Tax Identification Number: B86969235
• Address: Calle Prineos, 55 – 28040 MADRID
• Telephone no.: 91 444 51 61
• email: lopd@cunef.edu

We have a Data Protection Officer (DPO), a legally established figure whose role is to provide information and advice regarding the organisation’s duties in terms of personal data protection and supervise compliance. The DPO is also the person to contact for any question related to the processing of personal data:

• DPO contact details: Picón y Asociados Derecho y Nuevas Tecnologías, S.L. C/ Hermanos Pinzón 3, Bajo – 28036 Madrid.

email: dpd@piconyasociados.es

The information you provide will be processed for the following purposes, based on why you provided it:

• To solve your queries or doubts and process your requests—for information or of any kind—made via any of the contact forms available on the website.
• To send marketing communications. The purpose of these communications is to inform users of the different services offered by the organisation, as well as the events it organises or participates in. Based on the information you provide, we can offer you services and information that are relevant to you or your interests. No automated decisions will be made using your personal data.
• To process user applications for admission and registration for any of the academic, cultural or sports-related services offered by CUNEF, including events or activities that  CUNEF organises or participates in, as well as any related activities.
• To handle student requests for academic services, applications for scholarships and financial aid, and any procedures related to their studies at CUNEF (pursuing internships, participating in academic events, etc.).

To this end, images of participants may be captured (in photographs and videos, which may contain both images and voice recordings) for educational purposes (e.g.: university assignments, tests, exams…). CUNEF may proceed to record online exams to guarantee security and serve as evidence of the exam. The purpose of the recording is to make sure students are presents and complete the exam, as well as to prevent inappropriate student behaviour.

It is mandatory to provide personal data for these purposes, since it is otherwise impossible for students to enrol in and pursue their studies.

Additionally, the introduction of online training in, for instance, blended models that combine on-campus and virtual sessions may require the streaming of face-to-face classes for those students enrolled in the subject who opt for remote access (thanks to the use of digital resources to adapt the classroom technologically and promote virtual learning). As a consequence, classes will be recorded to:

• Allow for subsequent viewing in distance-learning programmes
• Guarantee access to the content to students who, for different reasons, could not attend the class in person or had connectivity issues
• Enable its use as study material for exam preparation

Classes will be streamed live to allow students to attend online. Access to live-streamed sessions or recordings will be restricted to students who are enrolled in the corresponding courses, teachers and CUNEF management staff.

With the introduction of blended learning, cameras have to be installed in the classrooms to allow classes to be streamed online. Since the main purpose is to record teachers’ image and voice, they will be pointed exclusively at them, in an effort to keep students out of the frame; however, it is impossible to guarantee that students’ image or voice will never be captured when they move around the room or participate in class. Teachers will do everything in their power to try to prevent students’ image or voice from being captured. It is mandatory to provide personal data for these purposes, since it is otherwise impossible for students to enrol in and pursue their studies in blended format.

Under no circumstances are students allowed to record the sessions unless they have received consent from all participants.

Recordings can be used as evidence of alleged student offences under CUNEF Disciplinary Rules and Procedures.

• To process CUNEF Alumni Association membership applications. Members can participate in the conferences and events organised by the association and benefit from all the privileges it offers. The association will act as Data Controller, with the following contact details:
  • ASOCIACIÓN DE ANTIGUOS ALUMNOS DE CUNEF – CUNEF ALUMNI. Tax Identification Number: G80947351
  • Registered office: Calle Leonardo Prieto de Castro, 2 – 28040 Madrid
  • Telephone no.: + 34 916 361 459
  • email: antiguos@cunef.edu
• During the different activities and events carried out by CUNEF, images of participants may be captured (in photographs and videos, which may contain both images and voice recordings), for the purpose of publicity and advertising of CUNEF events in the organisation’s magazine, website or social media.

• For the purposes described in points 1and 2, your personal data will be stored until we provide a final solution to your request or query. 

  After that, they will be kept as part of a communications record for a maximum of one year, unless you request their erasure via any of the contact means contained herein.

• For marketing communications, your data will be stored indefinitely, or until you specify that you do not wish to continue receiving said communications.

  • For the purpose of processing applications for admission and registration for any of the academic, cultural or sports-related services offered by CUNEF, including events or activities that  CUNEF organises or participates in, as well as any related activities

    , your data will be stored for the duration of said services and, after that, until any related liabilities expire.

  • For the purpose of handling student requests for academic services, applications for scholarships and financial aid, and any procedures related to their studies at CUNEF (pursuing internships, participating in academic events, etc.)

    , your data will be stored for as long as you are a student in CUNEF and, after that, until any liabilities related to your academic relationship with the institution expire, as per the current statute of limitations.

• Classes recorded for the purposes of blended learning or other forms of online training, as well as any other recordings made for an academic purpose, will only be available for the corresponding academic year, unless they can be used as student assessment evidence, in which case they will be stored until there is a final resolution in cases where students request a review or appeal of a grade. Notwithstanding, CUNEF may keep a duly blocked copy of the recordings for compliance with legal obligations until they expire. In this case, access will be restricted to CUNEF Management.

  Additionally, the University Student Statute indicates (art. 29.3) that teachers are responsible for storing exams and assessment evidence until the end of the following academic year. In cases when students request a review or appeal of a grade they will be stored until a final resolution is reached, in accordance with the aforementioned regulations.

  Recording will only be accessible via CUNEF teaching tools.

  • For the purpose of processing CUNEF Alumni Association membership applications

    , your data will be stored for as long as you are a member of the association and, after that, until any liabilities related to your ties to said association expire, as per the current statute of limitations.

  • Images and voice recordings of participants captured duringdifferent activities and events carried out by CUNEF 

    for the purpose of publicity and advertising of said events will be stored indefinitely, unless user requests their erasure via any of the contact means contained herein.

• For the purposes described in points 1and 2

  the legal basis is consent you give by providing the information. You may withdraw your consent at any time, although this will not affect the lawfulness of any previous use of the information. Providing personal data is optional, but, unless you provide the necessary information, it will not be possible to process your requests. Therefore, the communication of your personal data for these purposes is a necessary requirement for us to handle your requests and send, where appropriate, marketing communications.

Regardless of this, marketing communications to CUNEF clients/students are based on the legitimate business interest of being able to offer our clients/students the option of hiring other services, as well as information on our events and activities. This legitimate interest is recognised by current regulations, which expressly allow the processing of personal data on that basis for direct marketing purposes. However, we remind you that you have the right to oppose this use of your data, and can do so by any of the means provided herein.

The data that will be processed for these purposes will be the following: Identification and contact details.

• For the purpose of processing applications for admission and registration for any of the academic, cultural or sports-related services offered by CUNEF, including events or activities that  CUNEF organises or participates in, as well as any related activities

  , the legal basis is the contractual relationship between both parties, or the adoption of pre-contractual measures. The processing of personal data is necessary for admission and registration for the different academic, cultural or sports-related services offered by CUNEF. This means it is mandatory to provide personal data, since it is impossible to process your application otherwise.

• For the purpose of handling student requests for academic services, applications for scholarships and financial aid, and any procedures related to their studies at CUNEF (pursuing internships, participating in academic events, etc.)

  , the legal basis is the contractual relationship between both parties, as well as the basis provided in article 6.1.e) of the GDPR (processing data is necessary to fulfil a mission carried out in the public interest) by virtue of Organic Law 6/2001, of December 21, on Universities.

Students’ consent is not required to process data when recording classes for the purposes of online training, or recording online tests or any other form of recording made for an academic purpose (projects, exams, etc.), since the legal basis is also fulfilling a mission carried out in the public interest.

It is therefore mandatory to provide said data for the purposes described above, since it is otherwise impossible for students to enrol in and pursue their studies or participate in other academic services offered by CUNEF.

• For the purpose of processing CUNEF Alumni Association membership applications

  , the legal basis is a contractual relationship, based on the services rendered by the association to its members. To register and participate in this association, it is necessary to process personal data, which makes it mandatory to provide it. Registration is otherwise impossible.

• With regard to processing images and voice recordings of participants in different activities and events carried out by CUNEF

  , when images are not captured for an educational purpose, but rather for publicity and advertising of CUNEF events in the organisation’s magazine, website or social media, we will obtain the consent of the parties involved, thus acquiring a legal basis.

Using images of participants for publicity and advertising is not mandatory, which means that they cannot be used for this purpose without participants’ authorisation. Consent can be withdrawn at any time, although this will not affect the lawfulness of any previous use of the data.

In any case, CUNEF reserves the right to take photographs and make videos of all the activities and events that it organises, individually or with third parties. Therefore, any participants who wish for their image and voice to be captured and used for the above-mentioned purposes of publicity and advertisement must express their consent. Any participants who do not express their consent must refrain from voluntarily participating in the photographs and videos made by CUNEF. If their image is captured incidentally, it will not be considered an illegitimate invasion of privacy and personal image, and there is no need to obtain their express consent, in accordance with Organic Law 1/82, since the legal basis is the above-mentioned fulfilment of a mission carried out in the public interest.

If you become a friend or follower of CUNEF on social media, we will process your data to keep you informed of our events and activities via those media. The legal basis for this is your consent, and your data will be stored for as long as you remain a friend or follower. You may withdraw your consent at any time, although this will not affect the lawfulness of any previous use of the information. Providing personal data is optional, but, unless you provide the necessary information, .

When users register directly through social media, we will process the data previously provided to said media only for the purposes described in the corresponding platform’s privacy policies. We will collect the necessary data to fill out our registration form. If we require additional information to proceed with your registration on our website, you will be required to add it via our registration form, subject to the privacy conditions provided in this clause.

If you submit your resumé, we will process your personal data to collect all the information required for the job/internship recruitment process. The data will be stored for the duration of the said process and, unless you specify otherwise, for a year after the information is last updated, for future consideration in similar recruitment processes. To this end, you must keep your data up to date, especially in terms of education and experience. The legal basis for processing these data is your consent, expressed by submitting your resumé. You can withdraw this consent at any time, although this will not affect the lawfulness of any previous use of the information. Additional data may be collected during interview or candidate selection processes, also on the legal basis of consent.

Student data may be transferred to the following recipients:

1. Relevant government agencies, for the cases and purposes established by law.
2. Financial institutions that process payments and collections.
3. Insurance companies where CUNEF holds the corresponding insurance policies.
4. As a result of the academic services offered by this University, student data may be transferred to training and employment partners to provide access to jobs/internships.
5. Students’ parents or legal representatives will receive information regarding grades, enrolment or scholarships, provided that students have given their consent or are financially dependent on said parents/representatives. In these cases, a prevailing legitimate interest is assumed as a rule, enabling the transferring of the data without the need for students’ prior consent. Students can exercise their right to object within the limitations established by law.

Data provided by other website users will not be transferred to third parties, except government agencies for the cases and purposes established by law.

Everybody has the right to know if we are processing their data or not. You have the right to access your data, to request that inaccurate data be rectified and also to request the erasure of data when, among other reasons, they are no longer necessary for the purpose for which you provided them.

Under the terms of the GDPR, you may request the restriction of the processing or transferring of your data, in which case we will only store them for the exercise or defence of legal claims.

Under certain circumstances, and for reasons related to their specific situation, users may object to the processing of their data. If you give consent for a specific purpose, you have the right to withdraw it at any time, although this will not affect the lawfulness of any previous use of the information. In such cases, we will stop processing your data or, where necessary, stop processing it for that specific purpose, except for compelling legitimate interests, or the exercise or defence of legal claims.

Additionally, data protection regulations allow you to object to being the subject of decisions based solely on the automated processing of your data, when appropriate.

The following conditions apply to all the aforementioned rights:

• You can exercise them free of cost, unless your requests are manifestly unfounded or excessive (e.g., repetitive), in which case we may either charge a fee for the administrative costs incurred or refuse to act.
• You can exercise them directly or through a legal representative or volunteer.
• We must respond to you request within one month, although, depending on the complexity and number of requests, the period can be extended for another two months.
• It is our duty to inform you of how to exercise these rights and ensure that the necessary means are accessible. We cannot deny you the right to exercise your rights for the sole reason of choosing other means. If the request is submitted by electronic means, the information will be provided by these means whenever possible, unless you ask us to do otherwise.
• If, for any reason, your request is not granted, we will inform you, within a maximum period of one month, of the reasons and of the possibility of filing a claim with a competent Control Authority.

To make it easier for you to exercise your rights, we provide the links to the corresponding forms below:

• Right of Access Form
• Right to Rectification Form
• Right to Object Form
• Right to Erasure Form
• Right to Restrict Processing Form
• Right to Data Portability Form
• Rights in relation to automated decision making and profiling Form

Proof of identity is required in all cases. You must attach a photocopy or scanned copy of your ID or equivalent document. If your rights are exercised through a representative, proof of representation is also required.

Users are responsible for ensuring that any information they provide via this website is accurate. They are accountable for the truthfulness of the data provided, and must keep it duly updated, to ensure that it reflects their actual status at all times. Users will be liable for any false or inaccurate information that they might provide, and any harm this might cause to the owner of this website or to third parties.

CUNEF undertakes to use the data provided for the purposes indicated in this Privacy Policy, guaranteeing the security and confidentiality of said data. To this end, it has implemented technical and organisational security measures to prevent data alteration, loss and unauthorised use or access, in accordance with applicable laws.