This page complements and expands the information provided in the school's various data collection forms.
WHO IS RESPONSIBLE FOR THE TREATMENT OF YOUR DATA?
Aspace Catalunya Foundation – CIF: G08393936 – c. Tres Pins 31, 08038, Barcelona
932002534 - aspace@aspace.cat
Data protection delegate contact: protecciodedades@aspace.cat
FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?
At the SCHOOL, we process the information provided by interested parties in order to:
- to school
- Provide healthcare as part of the Day Hospital service, with which we complete the patient's clinical history. This same information is used in the invoicing processes for the services provided by ASPACE as a provider of CatSalut and Social Services.
Additionally, the data may be used (with the express consent of the person concerned) for other purposes, such as:
- Clinical research.
- Scholarship management, if applicable.
- Dissemination of the entity: information regarding the processing of data with it purpose
- Management of data for students on internships within the school.
Users of ASPACE's health service can be given a “criticality or complexity profile” based on the information provided. In no case are automated decisions made based on this profile.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
The health data provided by the interested persons will be kept throughout the care process and once it has ended, in accordance with law 21/2000, they will be kept for a minimum of 15 years, with the term being able to be extended in case of relevant data for healthcare purposes, advance wishes, epidemiological and research data.
The rest of the academic data (admission, registration, etc.) will be deleted after 5 years once the schooling process has ended.
WHAT IS THE LEGITIMATION FOR THE TREATMENT OF YOUR DATA?
The legal basis for the processing of your data is:
- schooling: Compliance with legal obligations in accordance with article 6.1 letter c) and in accordance with article 9.2 letter h) of the General Data Protection Regulation.
- Day Hospital Service: The execution of healthcare as an entity providing public health services, in accordance with article 9.2 letter h) and article 6.1.c) of the General Data Protection Regulation.
- Other purposes: The express consents of the interested party, without in any case the withdrawal of any of these consents conditioning schooling and health care within the framework of the Day Hospital.
TO WHICH RECIPIENTS WILL YOUR DATA BE COMMUNICATED?
The SCHOOL transmits data on patients treated there to:
- Generalitat de Catalunya (Education Department): curricular and enrollment data.
- Department of Health: Health data of users of health and rehabilitation services for the Department's different databases and records, as well as the Computerized Clinical History of Catalonia.
- Adapted transport companies, (name, address and contact details) in the event that the student needs this service.
- Orthopedics: In the event that the family requests it, the necessary health data is provided to adapt the adaptations required by the person concerned. There is a treatment manager contract with each orthopedist that regulates the privacy of the data used.
- Public and private entities, for the management of transport and other types of grants.
- Public and private entities that have a direct relationship with the student: as part of the educational and assistance process, we coordinate with public and private entities that have a relationship with the entire linked network. (ONCE Foundation)
- Other users and families: through the images that appear on the communication panels in order to communicate with families and other users.
Apart from the above, ASPACE contracts different products or services in order to carry out the school activity:
- iSalus: Offers connection services to CatSalut applications. There is a data processor contract that regulates the privacy of the data used.
- ecosystem: Aspace uses Office 365 as a corporate mail server, under the EU-US Privacy Shield agreement. Information available at: https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK
WHAT ARE THE RIGHTS WHEN THE DATA IS PROVIDED TO US?
- Anyone has the right to get information about whether at the Aspace Catalunya Foundation we are processing personal data that affect them, or not.
- Interested persons have the right to access to your personal data, as well as to request the rectification of inaccurate data or, where appropriate, request yours deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
- Interested persons have the right to request the portability of your data. The Aspace Catalunya Foundation will facilitate this portability as long as it is technically feasible.
- In certain circumstances, those interested may request the limitation of treatment of your data, in which case we will only keep them for the exercise or defense of claims.
- In certain circumstances and for reasons related to their particular situation, those interested may object to treatment of your data. The Aspace Catalunya Foundation will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
- The interested person has the right to withdraw any consent previously granted This will not affect the legality of treatments already carried out based on withdrawn consent.
- For exercise any of these rights, the interested person will have to address Carrer Tres Pins 31-35 in Barcelona or the electronic address protecciodedades@aspace.cat, providing an identification document and setting out the right that you want to exercise, and if applicable the reasons or particular situation that makes it necessary. A right request form can be found at the web address: www.aspace.cat/protecciodedades.
- In any case, the interested person can present one claim before the Catalan Data Protection Agency if you believe that the Aspace Catalunya Foundation has not satisfied your rights correctly.
HOW DID WE OBTAIN YOUR DATA?
In general, the data we process are always provided by the interested person or their family. For the Day Hospital, additional data can be obtained from the following CatSalut records:
- Central Register of insured persons: Administrative and contact details.
- Shared Clinical History of Catalonia: Health data from other health centers.
- Electronic Recipe: Prescription data.
In some cases, information can be obtained from other sources (educational, health and social centers and services) related to the student, mainly:
- Previous educational centers, if applicable
- EAP
- PADES (Vall d'Hebrón, Sant Joan de Déu and Germans Tries i Pujol Hospitals)
- Barcelona Education Consortium (RALC application and others)
- Social Services
- DAILY
- ONCE Foundation
