Facebook Linkedin Youtube

PRIVACY POLICY

NABSS

USER INFORMATION

THE NATIONAL ASSOCIATION OF BRITISH SCHOOLS IN SPAIN (NABSS), informs you that, in accordance with Regulation (EU) 2016/679 on data protection (GDPR) and Organic Law 3/2018 (LOPDGDD), your personal data will be processed as described in this Privacy Policy.

This Policy explains how we collect your personal data, why we collect it, what we do with it, with whom we share it, how we protect it, and your rights regarding the processing of your personal data.

This Policy applies to personal data collected by the Association for the provision of its services. If you complete any of our forms, you must accept this Policy beforehand, and we will keep a record of that acceptance.

1. DATA CONTROLLER
Corporate name: THE NATIONAL ASSOCIATION OF BRITISH SCHOOLS IN SPAIN (NABSS),
Tax ID No.: G28631752
Address: calle Ferraz 85, 28008 Madrid
Telephone: 91 5500123
E-mail: nabss@acade.es
DPO: dpo.nabss@acade.es

2. PURPOSE, LEGAL BASIS AND RETENTION PERIOD
WORK WITH US

  • Purpose: To process your application for possible vacancies and manage your participation in present or future selection processes.
  • Legal basis: Explicit consent provided when submitting your data and CV.
  • Retention: CVs stored for a maximum period of one year.

 

CONTACT US

  • Purpose: To respond to requests for information, queries or concerns.
  • Legal basis: Explicit consent provided upon completion, acceptance and submission of the form.
  • Retention: Data stored for up to 6 months where no prior contact activity exists.

NEWSLETTER

  • Purpose: To send commercial information about our activities and services, including electronically.
  • Legal basis: Explicit consent provided when completing the subscription form.
  • Retention: Data retained until the user objects or withdraws consent.

3. TYPES OF DATA COLLECTED

The types of data that may be requested include:
– Identification and contact details.
– Personal and social circumstances.
– Academic and professional details.

We also automatically collect data about your visit to our website, as described in the cookies policy. The Association does not collect special categories of personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health
data, sexual life or orientation, biometric or genetic data.

Users are responsible for providing truthful, accurate, complete and up‑to‑date information and will be liable for any damage or harm caused by failure to comply with this obligation.

If users provide third‑party data, they declare they have obtained consent from the third parties and undertaken to inform them of this Policy, exempting the Association from liability. The Association may carry out verification checks following due diligence.

4. DATA RECIPIENTS

Personal data may be communicated to:
– Public Administrations, where legally required.
– Courts and Tribunals, where legally required.
– Banks and financial institutions for payment of contracted services.

The Association works with service providers who may access personal data on behalf of the Association. Providers are selected using a rigorous process and are required to sign data‑processing agreements in accordance with Article 28 GDPR.

These providers operate, including but not limited to, in the following sectors:
– Legal advisory services
– Technological and IT services

No international data transfers are carried out. If personal data were to be transferred to a third country or international organisation, you would be informed of the applicable safeguards and how to obtain a copy.

5. USER RESPONSIBILITY

Users guarantee they are over fourteen (14) years old and that the data provided are true, accurate, complete and up to date. Users must update their data to reflect their actual situation and are liable for any damages caused by inaccurate or false information.

If users provide third‑party data, they guarantee they have informed such third parties and obtained their consent.

6. EXERCISING RIGHTS

Users may exercise their rights at any time, free of charge, by writing to the Association or emailing nabss@acade.es

a) Right of Access
To obtain confirmation of whether personal data is being processed and, if so, access to such data.

b) Right of Erasure and Objection
To request the deletion of data when legal requirements are met or object to processing based on legitimate interest.

c) Right of Rectification
To request the rectification of inaccurate or outdated data.

d) Right to Restriction and Withdrawal of Consent
To request processing restriction under certain circumstances (e.g., contesting accuracy), and to withdraw consent at any time.

e) Right to Data Portability
To receive personal data in a structured, commonly used, machine‑readable format and to transmit it to another controller.

f) Rights related to automated decision‑making
Users may request human intervention, express their viewpoint and contest automated decisions, including profiling.

Users may lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if they consider their rights have been infringed.
Response time: one month from receipt of the request, extendable by two months for complex cases or multiple requests.

7. SECURITY MEASURES

The Association will process user data confidentially and adopt technical and organisational measures to ensure data security and prevent alteration, loss, unauthorised processing or access.

8. ACCEPTANCE AND CONSENT
The user declares they have been informed about the conditions governing personal data protection and accepts this Privacy Policy.

9. MANDATORY NATURE OF DATA PROVISION

Required fields in forms must be completed for their purposes to be fulfilled. If not provided correctly, we may be unable to process requests, though certain website content may still be viewed freely.

10. UPDATING THE PRIVACY POLICY
We strive to continuously improve our services, processes and protection of data subjects’ rights. We therefore reserve the right to revise this Privacy Policy whenever deemed appropriate. Changes will be communicated to users. Users are encouraged to review the latest version regularly.

Last update: 13/11/2025