In compliance with the General Data Protection Regulation (GDPR) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), below we provide detailed information on the processing of personal data carried out through this website and the Materioteca:
Data controller
Company name: UDIT ESTUDIOS SUPERIORES INTERNACIONALES, S.L. (University of Design, Innovation, and Technology)
Tax ID number: B84014265
Registered office: Avenida de Alfonso XIII, nº97, 28016 Madrid (Spain)
Phone: 915 552 528
Email: proteccion.datos@udit.es
Contact details for the Data Protection Officer (DPO)
UDIT has appointed a DPO to the Spanish Data Protection Agency. You can contact the DPO at UDIT’s registered office, or easily and free of charge, by emailing dpd@udit.es.
You can check the registration of UDIT’s DPO on the Spanish Data Protection Agency website, in the “DPO Consultation” section: https://www.aepd.es/
Categories of data
Through the contact, registration, and application forms provided on this website, the data controller may obtain personal information about you. In general, non-sensitive and low-criticality data will be processed, such as identification data (e.g., name, surname), contact details (e.g., email), and academic data (e.g., academic degree, course).
We will not request specially protected data and we guarantee maximum confidentiality in the processing of your information.
Purposes
The data controller will process the information provided by the data subjects (interested parties) for the purpose of managing and processing requests received through this website in relation to the use of materials and content from the Materioteca, as well as to manage your registration on the website. It will also be used to maintain communication with you, to send you electronic communications of an informative nature regarding requests made through this website and, where appropriate, of a promotional nature regarding the content published on this website or initiatives undertaken by the Materioteca. Similarly, we may process the data to respond to queries and requests submitted through the forms and contact methods indicated on this website.
Legal basis
Below, we indicate the legal basis for the processing of your personal data:
- Consent of the data subject (Art. 6.1 a) GDPR), given by you through your acceptance of this Privacy Policy, in any registration, application, or contact forms enabled on this website.
- In the case of acceptance to receive promotional communications via electronic means, the basis for legitimacy will be your express consent, in accordance with the provisions of Art. 21 of the LSSI-CE (Law on Information Society Services and Electronic Commerce). We will always require acceptance (opt-in) through a checkbox enabled, in such cases, on the appropriate forms.
Retention period
Personal data will be retained for as long as it is useful for the purposes for which it was obtained. In general, it will be retained for as long as it is necessary to process the request and for its management and processing. Once this period has ended, the data controller may retain the data in a blocked form, subject to security measures that guarantee its inaccessibility and processing, and it will only be available to judges and courts, public administrations, or the Spanish Data Protection Agency, during the limitation periods for actions established in current legislation, in order to determine any possible liabilities arising from the processing. Once these periods have elapsed, the data will be securely and permanently deleted.
Recipients
In general, your personal data will not be communicated or transmitted to third parties, nor will it be subject to international data transfers outside the European Economic Area (EEA), i.e., the countries of the European Union (EU), together with Liechtenstein, Iceland, and Norway.
Should this circumstance change and it become necessary to communicate data to third parties or make international transfers outside the European Economic Area (EEA), you will be duly informed of this through information clauses and by updating this Privacy Policy.
Similarly, we inform you that only on certain occasions, certain service providers (e.g., IT providers) may have occasional access to your personal information, within the framework of providing a service to the data controller, and always after signing the mandatory data processing or confidentiality agreement.
Exercise of rights
In accordance with the GDPR, you may exercise your rights of information, access, rectification, erasure, restriction, objection, and portability, as recognized in the aforementioned legislation, at any time.
Thus, anyone has the right to obtain information about whether the controller is processing their personal data or not. Likewise, they will have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
In certain circumstances, interested parties may request the limitation of the processing of their data, in which case we will only keep it for the exercise or defense of claims.
Similarly, in certain circumstances and for reasons related to their particular situation, interested parties may object to the processing of their data. In this case, the controller will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
Finally, you may also exercise your right to data portability, when appropriate, relevant, and necessary, and when such portability can be carried out automatically.
You may exercise your rights by sending a request to the data controller’s registered office, located at Avenida de Alfonso XIII, nº97 – 28016 Madrid, or simply and completely free of charge by sending an email to proteccion.datos@udit.es.
If you have given your consent for a specific purpose, you have the right to withdraw your consent at any time, without this affecting the lawfulness of the processing based on your consent prior to its withdrawal.
You can obtain more information about your rights on the website of the Spanish Data Protection Agency (AEPD): https://www.aepd.es/derechos-y-deberes/conoce-tus-derechos
Complaints to the Spanish Data Protection Agency
If you wish to file a complaint in defense of your rights with the competent Data Protection Supervisory Authority, you can do so via the website of the Spanish Data Protection Agency: https://www.aepd.es/
Security measures
UDIT has implemented Information Security and Data Protection Policies, in line with the guidelines and obligations contained in the GDPR, and within the framework of its proactive responsibility as data controller.
For the processing of your personal data, the necessary technical and organizational measures will be taken to guarantee the confidentiality, integrity, security, and availability of the data, protecting your privacy and ensuring that you can exercise your rights.
Additional information
If you have any concerns, questions, or queries regarding data protection, you can send an email to: dpd@udit.es
Last update: october, 2025
