Privacy Policy

According to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016, FUNDACIÓ IRIS-CC (INSTITUT DE RECERCA I INNOVACIÓ EN CIÈNCIES DE LA VIDA I LA SALUT A LA CATALUNYA CENTRAL) “the Responsible” with tax identification code (from now on, NIF) number G09998055 informs the User that its personal data will be treated to provide it the services requested and send the information about our business that may be of interest to the user.

Delivery and personal data registration

Sending personal data is obligatory to contact and receive information about services provided by the Responible. Likewise, if you don’t provide your personal data requested or if you don’t accept this data protection policy, you mustn’t have the opportunity to subscribe, register or receive information about these services.

When personal data will be obtained from the affected through electronic communications networks or within the framework of the provision of information society services, as well as in the other cases expressly established by the law or when it is authorized by Spanish Agency for the protection of Personal Data, the responsible of the treatment might be give effect to its information duty established in the article 13 of Regulation (EU) 2016/679 and providing to the affected the following essential information:

  1. The identity of the responsible of the treatment and its agent, in such a case.
  2. The purpose of the treatment
  3. The way in which the affected may exercise the rights established between articles 15 and 22 of the Regulation (EU) 2016/679

However, responsible and managers of the treatment or, in such a case, their agents must keep the treatment activities log to which is the article 30 of the Regulation (EU) 2016/679 referring to, unless the business or organization employ less than 250 people. It is an exception the possible danger for rights and liberties of the interested caused by the treatment, not occasional, or include special categories of personal data indicate in the article 9, section 1, or personal data related to convictions and criminal offences to which is the article 10 of Regulation (EU) 2016/679 referring to.

Finally, the article 5.1.f of the Regulation (EU) 2016/679 determines the need to establish adequate safety guarantees against the unauthorised treatment or illicit and against the loss of data protection, destruction or accidental damage. This situation implies the establishment of technical and organisational measures with the objective of ensuring the integrity and confidentiality of data protection and the possibility (article 5.2) to demonstrate that these measures have been carried out (proactive responsibility) Accuracy and veracity of data provided

The user who send information to the Reponsible is the only responsible of the veracity and correction of the data included. The Reponsible, is exonerated of any responsibly about this issue.

The users guarantee and response, in any case, about the accuracy, validity and authenticity of personal data provided and they compromise to keep properly updated. The user accepts to provide complete and correct information in the registration or subscription form.

The Reponsible, does not response about the veracity of information, which are not of their own development, and which it indicates other source, so neither assumes any responsibility about hypothetical prejudices caused using this information. The Reponsible is exonerated of any responsibility in front of any damage or prejudice that the user might suffer because of mistakes, defects or omissions in the information provides by the Reponsible in appropriate cases from sources outside the Reponsible.

Transferring data to third parties

The Reponsible, does not submit personal data to third parties. However, in case of submission to some third party there would be a previous information requesting the express agreement of the affected by the article 4.11 of the Regulation (EU) 2016/679

Data retention

In any case, the storage time will be indispensable keeping at the very least: 

  • 4 years: The Labour Infringements and Penalties Law (obligations in terms of affiliation, registrations, cancellations, quotes, payment of salaries…) and the article 66 and subsequent articles of the General Tax Law (account books…)
  • 5 years: the article 1964 of the Civil Code (personal shares without special deadline)
  • 6 years: the article 30 of the Commercial Code (account books, invoices…)
  • 10 years: the article 25 of the Law on the Prevention and Fight against Money Laundering and Terrorist Financing

The exercice of the rights to access, rectification, suppression, limitation, portability and opposition

You might address your communications and exercise the rights to access, rectification, suppression, limitation, portability and opposition via e-mail tac.c1718978487c-sir1718978487i@ofn1718978487i1718978487 or via address:


Moreover, in both cases, you might attach a valid evidence in law like a photocopy of your ID and indicate as a subject “DATA PROTECTION”

Acceptance and agreement

The User declares to have been informed about conditions of the personal data protection and it accepts and agrees its treatment by the Responsible, in the way and for the purposes indicated in this current Data Protection Policy.

Chances in the current privacy policy

The Responsible reserves the right to modify the current policy to adapt it to the new legislation or jurisprudence, as well as to industry practices. In these cases, the Responsible will announce in this page the changes made with reasonable notice of its implementation.


We use the reCAPTCHA service of Google Inc. (Google, hereinafter referred to as Google) to protect the data of our users submitted via the forms on the pages. This service makes it possible to differentiate between data submitted by individuals from automated messages and involves the transmission of the IP address and other data required by Google for the use of the reCAPTCHA service. For this purpose, the data will be transmitted to Google so that it can be used. The IP address will be encrypted by Google in member states of the European Union as well as in partner states of the European Economic Area. Only in exceptional cases will IP addresses be transmitted to a Google server in the USA for encryption. On behalf of the operator of this website, Google will use this information for the purpose of evaluate the use of the service by users. The IP address transmitted by reCAPTCHA will be kept separate from other Google data. Google’s privacy policy applies to this data. Full details of Google’s privacy policy can be found at

By using the reCAPTCHA service, the user consents to the processing of their personal data by Google in the manner and for the purposes set out above.




In accordance with the Regulation (EU) 2016/679, on the 27th of April of 2016 (R. G. P. D) and the Law 34/2002, on the 11th of July, of Information Society Services and Electronic Commerce Services (L. S. S. I. – C. E.), FUNDACIÓ IRIS-CC (INSTITUT DE RECERCA I INNOVACIÓ EN CIÈNCIES DE LA VIDA I LA SALUT A LA CATALUNYA CENTRAL) “the Responsible” informs the users that it has created a profile in social network Twitter and Linkedin with the main purpose to advertise their products and services.


Tax identification code (NIF): G09998055


Telephone: 938815537

E-mail: tac.c1718978487c-sir1718978487i@ofn1718978487i1718978487

Web page:

Foundations Registry: Registration number 3291 dated July 4, 2022

The user has a profile in the same social network, and it has decided to join the webpage created by the Responsible, showing an interest on the information that is advertised in the social network. When the user joins the webpage, it is providing to us its agreement for the treatment of the personal data publish in its profile.

The user might access, at any moment, to the privacy policies of its own social network, as well as setting its profile to ensure its privacy.

The Responsible has the access and handles public information about the user, especially, its contact name. These data are only use inside the own social network. They are not incorporated to any file.

In connection with the rights of access, rectification, deletion, limitation, portability and opposition, which are available for the user, and may exercise in front of the Responsible, in accordance to the Regulation (EU) 2016/679, the user might consider the following nuances: 

*Access: it will be defined by the functionality of the social network and the ability to access to the user’s profiles information. 

*Rectification: it will be only satisfied in connection with the information under the control of the Responsible, for example, removes published comments in its own page. Normally, this right must exercise in front of the social network. 

*Deletion and/or Opposition: as in the previous case, it will be only satisfied in connection with the information under the control of the Responsible, for example, stop the union with the profile. 

*Portability: there is the possibility to transmit data from one responsible to other. By this way, the interested has the right that its personal data will be directly transmitted when it will be technically possible. 

*Limitation: it is a precautionary measure which reduce the treatment of personal data to storage.

The law explains that the interested has the right to obtain the limitation of the data treatment from the responsible of the treatment in the following cases: 

  • When the interested disputes the accuracy of personal data during a term that allows the responsible to verify that accuracy.
  • When the treatment will be illicit and the interested opposes to eliminate its personal data and instead, it requests the limitation of its use.
  • When the interested no longer need personal data for the purposes of the treatment, but the interested needs them for the formulation, exercise or defence of the reclaims.
  • When the interested opposes to the treatment with its right to opposition while it is verifying if the legitimate reasons of the responsible predominate over the legitimate reasons of the interested.

The Responsible realizes the following actions: 

  • Access to the public information of the profile.
  • Publish in the user’s profile all the information that has been already published in the webpage of the Responsible.
  • Send personal and individual messages through communication channels of the Social Network.
  • Updates of the webpages’ status that will be published in the user’s profile.

The user must access to its privacy setting to control its connections, deletes the contents which are not interested to anymore and restricts with who shares its connections.


When the user joins to the webpage the Responsible, it may publish comments, links, images, photos or any other multimedia content that the social network might stand. In all cases, the user is the holder of them, and it possess the copyright and intellectual property or count with the explicit permission of third parties concerned. It is an explicit prohibition any publication in the webpage like texts, graphics, photos, videos, etcetera, which impinge, or they are susceptible to impinge against moral, ethic, good taste or decorum and/or which infringe, violate or dismember the intellectual or industrial rights, the right to images or the Law. In these cases, the Responsible reserves the right to withdraw immediately the content and it might request the permanent lock of the user.

The Responsible is not responsible of the contents, which the user has published freely. 

The user must aware that other users will know its publications, so the user is the main responsible of its privacy. 

The images that may be published in the webpage are not stockpiled in any file by the Responsible but it will remain in the Social Network.

Contests and promotions 

The Responsible, reserves the right to realise contests and promotions in which the user, who is joined to the webpage, might take part. When the social network will be used, the conditions of contests and promotions will be published on it. It always fulfils with L. S. S. I. – C. E. and with any other rule that is applicable. 

The Social Network does not sponsor, endorse or manage any of our promotions and neither they are not associate to any of them.


In any case, the Responsible, uses the Social Network to publish its products and services if it decides to deal with your contact details to realize directly actions of commercial research and it always fulfils with the legal requirements of the Regulation (EU) 2016/679 and of the L. S. S. I. – C. E. 

It will not consider advertising when the user recommends to other users the webpage of the responsible, to enjoy its promotions or to be aware of its activity.

Hereafter, we detail different links to the privacy policy of the Social Network: