1. DATA CONTROLLER’S DETAILS

Name: ARCHBISHOPRIC OF TOLEDO, (hereinafter referred to as ARCHBISHOPRIC). Address: Calle Arco de Palacio, 3, 45002 – Toledo.

Telephone: 925224100

E-mail: architoledo@architoledo.org

Contact details of the Data Protection Delegate: Francisco César García Magán.

Contact PDP: protecciondedatos@architoledo.org

 

2. PROCESSING OF DATA COLLECTED THROUGH THE WEBSITE

The data that ARCHBISHOPRIC may collect through the use, browsing of the website, through our forms, via email or as a result of the contractual relationship that binds you to ARCHBISHOPRIC are personal data. When filling in each of the forms on our website there will be a series of obligatory data, whose fields are marked with the symbol*.

 

In the case of not filling in these fields, the purposes described in each of the forms cannot be carried out. On some occasions, we inform you that by simply using and browsing our website, ARCHBISHOPRIC will store data relating to:

• IP address
  • Browser version
  • Operating system
  • Duration of the visit or browsing of the Website

Such information may be stored by Google Analytics, for which we refer to Google’s Privacy Policy, as it collects and processes such information. Similarly, the Website provides the utility of Google Maps, which may have access to your location, if you allow it to do so, in order to provide you with greater specificity about the distance and/or paths to our headquarters. In this regard, we refer to the Privacy Policy used by Google Maps, in order to know the use and treatment of such data. ARCHBISHOPRIC reserves the right to modify or adapt this Privacy Policy at any time. Therefore, we recommend you to review it each time you access the Website. In the event that you register as user on the website and access your account or profile, upon accessing the same, you will be informed in the event that there have been substantial changes in relation to the processing of your personal data.

1. Contact form.

1. Purpose. To answer your request for information.

• Legitimation. The consent of the data subject.
• Recipients. The recipients of your data will be the different areas/departments of our entity, as well as third parties to whom we transfer your data, when it is lawful in accordance with the provisions of current legislation on data protection.

2. Spontaneous applications.

1. Purpose. To involve you in the personnel selection processes carried out by ARCHBISHOPRIC

• Legitimation. The consent given by the interested party by virtue of their spontaneous application.
• Recipients. The recipients of your data will be the different areas/departments of our entity, as well as third parties to whom we transfer your data, when it is lawful in accordance with the provisions of current legislation on data protection.

 

3. OTHER DATA PROCESSING

 

3. Exclusive to professional contacts.

1. Purpose. At ARCHBISHOPRIC, we process your personal data in order to maintain our professional relationship.

• Legitimation. The legitimate interest pursued by the data controller, in order to maintain relations of any kind with the legal entity in which the data subject provides his or her services, provided that the interest or fundamental rights and freedoms of the interested party do not prevail.

• Recipients. The recipients of your data will be the different areas/departments of our entity, as well as third parties to whom we transfer your data, when it is lawful in accordance with the provisions of current legislation on data protection.

2. Exclusive to social media contacts

1. Purpose. At ARCHBISHOPRIC, we process your personal data for the following purposes:
   1. Respond to queries, requests or petitions.

 

1. 1. Manage the requested service, reply to the request, or process a request.
   2. Establish a user-controller relationship, and create a community of followers.
   3. Legitimation. The legitimate interest of the data controller, as well as the acceptance of a contractual relationship in the relevant social network environment.

• Recipients. The recipients of your data will be the different areas/departments of our entity, as well as third parties to whom we transfer your data, where lawful in accordance with the provisions of current legislation on data protection. However, we recommend reviewing the privacy policy of the social networks that we mainly use, as social networks, being American, may transfer data to the United States.

 

3. Exclusive Processing of images from video surveillance cameras.

1. Purpose. Our facilities are equipped with permanent video surveillance systems for security reasons.

• Legitimation. The legitimate interest pursued is the legitimate interest pursued by the ARCHBISHOPRIC, for the security of its facilities, provided that the interest or fundamental rights and freedoms of the interested party do not prevail.
• Recipients. The recipients of your data will be the different areas/departments of our entity, as well as third parties to whom we transfer your data, when it is lawful in accordance with the provisions of current legislation on data protection.

 

4. DATA RETENTION PERIODS

 

PROCESSING OF DATA COLLECTED THROUGH THE WEBSITE
Contact forms	Your personal data will be processed for the time strictly necessary to deal with your request.
Spontaneous applications	In accordance with the  ARCHBISHOPRIC ‘s retention policy, your personal data will be kept for a maximum period of ONE YEAR from the receipt of the curriculum vitae.

 

OTHER DATA PROCESSING
Exclusive to professional contacts	Until the end of our professional relations or until you decide to cancel or object to the processing of your contact data.
Exclusive to social media contacts	Your personal data will be kept for the necessary time to fulfil the purpose for which they were collected.
Exclusive Video surveillance systems	The recordings will be kept for a period of ONE MONTH from their capture in accordance with article 22 of Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights.

 

 

 

• INTERNATIONAL TRANSFERS.

ARCHBISHOPRIC does not plan to make international data transfers. In case they are necessary, they will only be made to entities under the US-EU Privacy Shield agreement (more information: https://www.privacyshield.gov/welcome ), to entities that have demonstrated that they comply with the level of protection and guarantees in accordance with the parameters and demands foreseen in the current regulations on data protection, such as the European Regulation, or when there is a legal authorisation to make the international transfer.

 

5. WHAT ARE YOUR RIGHTS IN RELATION TO DATA PROCESSING?

 As the data holder, you have the right to obtain confirmation of the existence of the processing of your data, to access your personal data, to request the rectification of data that is inaccurate or, where appropriate, to request deletion, when among other reasons, the data is no longer necessary for the purposes for which it was collected or you as a data subject withdraw the consent given. ARCHBISHOPRIC will process and keep your data in accordance with current legislation, notwithstanding the fact that you, as a data subject, may request in any case, the limitation of your data processing. In certain cases, you are entitled to exercise your right to data portability, which will be delivered in a structured, commonly used or machine-readable format to you or to the new data controller that you designate. You are additionally entitled to withdraw your consent at any time for any of the processing operations for which you have given it. To exercise your rights, please contact us at protecciondedatos@architoledo.org.  

 

We have forms available for the exercise of all the aforementioned rights. However, you may also use the forms prepared by the Spanish Data Protection Agency. You will have the right to lodge a complaint with the Spanish Data Protection Agency in the event that you consider that the exercise of your rights has not been properly dealt with. The maximum period for a decision to be taken will be one month from the date of receipt of your request. In the event of any modification of your data, please inform us duly in writing in order to keep your data up to date.