1. WEBSITE MANAGER
This website is the responsibility of Cambridge University Press, Suc. Iberia (hereinafter Cambridge), with CIF: W0064249F; company domiciled at c/ José Abascal 56, 1º - 28003 Madrid (Madrid), entity entered in the Register of Foundations (registration number 250CUL-EXT). For further information, contact iberia@cambridge.org.
2. RATIONALE
Cambridge respects the privacy rights of its Users and recognizes the importance of protecting the personal data that Cambridge collects about its users.
The purpose of this document is to inform Users of the website about the processing of personal data conducted on this website.
3. PERSONAL DATA PROCESSED BY SIMPLY ACCESSING THE WEBSITE
3.1. What data is processed?
By simply accessing the website, Cambridge collects the IP address and other data relating to the connection and its origin. The IP address is a code that identifies the User’s internet connection at a specific time. Only the User's Internet access provider can identify the subscriber assigned an IP address at a particular time.
Due to the very nature of the server that supports the website, the User’s IP address is automatically recorded along with the date and time of access.
3.2. What is this data used for?
This data is only used to manage the normal use of the website and to perform statistical analysis on the use of the website.
3.3. Recipients of the data
Cambridge does not provide this information to any third party unless obliged to do so by law (e.g., an official request in the context of a police investigation).
3.4. Legal processing
The legal basis for legitimate processing of the IP address is the technical requirement to enable the provision of the website.
3.5. Data processing period
IP addresses shall be kept for a period of 7 days.
4. WHAT RIGHTS USERS HAVE AND HOW TO EXERCISE THEM
Data protection regulations guarantee users the following rights:
- Access: allows the User to know what information is available, where it has been obtained, to whom it has been provided and with what uses it has been processed.
- Rectification: allows the User to rectify any erroneous or out-of-date data.
- Suppression: allows the User to stop processing their data.
- Opposition: allows the User to stop using their data for a specific purpose.
- Limitation: allows the User to restrict the processing of their data, but in such a way that they are kept for a later purpose.
- Portability: allows the User to obtain a copy of their data in electronic format and, in certain circumstances, request that they be communicated to another service provider. It is only applicable for computerized processing conducted with the consent of the user or for the fulfilment of a contract.
- Revocation of consent: allows the User to withdraw the consent that, where applicable, they have provided for processing their data.
These rights require the possibility to identify the User requesting them and to link their identity to the data processed by Cambridge.
However, Cambridge cannot establish this link with any of the data it processes simply by accessing the website unless the User can provide certain documentation allowing identification (e.g., a certificate from their Internet service provider indicating the IP address the User was assigned at a specific date and time.)
Users are informed that they can exercise the aforementioned rights before Cambridge and revoke their consent for the processing that had provided it, by post to the above address or by email to arco@cambridge.org.
If Users require further information or consider their right to data protection violated, they may contact the Spanish Data Protection Agency (www.aepd.es).
5. OTHER PROCESSING OF PERSONAL DATA
5.1. Cookies and similar
Cambridge uses cookies and other similar storage and retrieval mechanisms on terminal equipment (hereinafter, Cookies).
Cookies are files that are downloaded to the User’s browser and can be read later by Cambridge. In this way, cookies allow various functionalities, such as recognizing a User who has already accessed the website before and being able to analyse the use of the web service to improve it.
However, it is impossible to determine the User’s identity from the cookies used by Cambridge, unless the User provides additional information by other appropriate means, and these can be linked to the cookies downloaded by the User.
For further information, see the Cookies Policy.
5.2. Website Forms
Cambridge has several forms on its website through which it collects personal data.
5.2.1. Registration Form:
Cambridge will process the information and personal data provided and authorized by Users to manage the platform’s registration, access, and use.
- Legal basis: The legal basis legitimising the processing is the need to manage registration and access to the platform.
- Retention period: the user’s data will be processed for the above-mentioned purpose until the user decides to unsubscribe from the platform or exercises their right of opposition or deletion. Subsequently, the data will be kept duly blocked for the legally established period to deal with any possible liabilities arising from the processing.
Cambridge informs the user that to verify the data provided, a first email will be sent without commercial content in which the user will be asked to verify the data provided within the period indicated in the email itself.
They may withdraw consent at any time, as indicated in the rights of interested parties’ section of this Privacy Policy.
5.2.2. Contact Form:
Cambridge will process the information and personal data provided to manage the User’s request.
- Legal basis: The legal basis that legitimises the processing is the users' consent expressed when sending their request for contact.
- Retention period: The data will be processed for the time required to resolve the user’s contact request. Subsequently, they will be blocked and kept for 3 years to deal with any liabilities arising from the processing.
They may withdraw consent at any time, as indicated in the rights of interested parties’ section of this Privacy Policy.
5.2.3. Helpdesk form:
Cambridge will process the information and personal data provided to handle the User’s technical query.
- Legal basis: The legal basis that legitimises the processing is the users' consent expressed when sending their technical query.
- Retention period: The data will be processed for the time required to resolve the user’s contact request. Subsequently, they will be blocked and kept for 3 years to deal with any liabilities arising from the processing.
They may withdraw consent at any time, as indicated in the rights of interested parties’ section of this Privacy Policy.
Data provided by users through the corresponding forms may be shared by Cambridge with companies that are part of the same business group, in particular with the parent company located in the United Kingdom, whose legislation does have a personal data protection level equivalent to that of the European Union.
6. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION REQUESTED
The mandatory information on each form will be identified as such on the form itself. Refusal to provide this information will prevent the service requested by the User to be implemented.
7. USER COMMITMENTS
The User undertakes to inform Cambridge of any changes to the information provided by e-mail to arco@cambridge.org, identifying themselves as Website User and specifying the information to be modified.
Furthermore, the User undertakes to keep the passwords and identification codes secret and to inform Cambridge as soon as possible in the event of loss, theft, or unauthorised access. Until such time as this notification is made, Cambridge shall be exempt from any liability that may arise from the improper use of such passwords and identification codes by unauthorised third parties.
8. THIRD PARTY DATA PROVIDED BY THE USER
In the event that the User provides personal data of third parties for any purpose, they guarantee to have previously informed the affected parties and to have obtained their consent for the communication of their data to Cambridge. The User guarantees that the persons concerned are over 14 years of age and that the information provided is accurate and truthful.
Cambridge will check the consent of those concerned by means of a first email with non-commercial content requesting verification of the consent given on their behalf by the User.
If any liability arises from a breach of these conditions by the User, the User shall be liable for the consequences of such breach.
9. SENDING COMMERCIAL COMMUNICATIONS
Cambridge informs the user that the commercial communications requested by the user or if the latter has not objected to receiving them by ticking the corresponding boxes on the forms, they shall be sent via Marketing Hub on HubSpot.com, whose servers are located in the USA, a country whose legislation does not offer a level of data protection equivalent to that of Europe.
However, adequate guarantees are provided through the signature of standard contractual clauses approved by European Commission Decision 2021/914/EU.
The tool used to send commercial communications by e-mail will include links and minute, transparent images that will be associated with your e-mail address. In this way, when one of these images is downloaded or accesses the links contained in the email, Cambridge can know for statistical purposes if the email has been opened or if a link has been accessed from that email. They can prevent such use by setting their e-mail manager or software to prevent automated image downloads and by not accessing links in e-mails you receive.
In each communication, the user may object to receiving this type of information through the specific mechanisms for processing the unsubscription and requesting, where appropriate, the right to revoke consent, opposition, or deletion.
10. FURTHER INFORMATION
If the user has any questions about the information collected in our Privacy Policy, they can email arco@cambridge.org.