Legal disclaimer and Privacy Policy

Legal information

In accordance with the duty of information required in Article 10 of Law 34/2002, of 11 July, of Services of the Information Society and Electronic Commerce, we report that the content of this website  (from now on “Web”) belongs to FUNDACIÓ INSTITUT DE RECERCA DE L’HOSPITAL DE LA SANTA CREU I SANT PAU, with its domicile in Sant Quintí Street, number 77-79, 08041, Barcelona, Spain and with CIF No G-60.136.934.  This legal notice regulates the terms of use of the aforementioned Internet portal.

User Acceptation

This Legal notice regulates access, navigation, and the use of the following website, which the FIRHSCSP makes available to Internet users.  Access to it therefore implies the acquisition of the user condition and thus acceptance of the web usage conditions.  In case of disagreement with the conditions, the use of the website must be stopped. The user is informed, and accepts, that access to the present website does not in any way imply the start of a trade relationship with FIRHSCSP.

Content and Use

Visiting the website by the user will have to be done in a responsible manner and in accordance with the law in force, the good faith, this Legal notice, and with the intellectual and industrial property rights of the FIRHSCSP.  The website provides a wide variety of information, services and data.  The user assumes their responsibility for the correct use of the website.

The use of any content on the website for purposes that are or may be illegal is totally prohibited, as is the conduct of any action that causes or may cause damage or alterations of any kind not consented by FIRHSCSP, to the website or its contents. The entity reserves the right to make any changes it deems appropriate on its website without warning, which can change, delete or add both content and services provided through it and the way in which they appear presented or located on its servers.


FIRHSCSP makes available to users different means of contact on its website.  The use of personal information received through the various email addresses arranged for communication purposes with the FIRHSCSP is subject to its Privacy Policy.  In no case does mere communication involve hiring of the FIRHSCSP.

Responsibilities and guarantees

FIRHSCSP declares that it has taken the necessary measures which, within its possibilities and the state of technology, allow the proper functioning of the web as well as the absence of viruses and harmful components.  However, the FIRHSCSP cannot be responsible for the following situations which are listed in a statement but not limited:

  • The continuity and availability of the contents.
  • The absence of errors in these contents or the correction of any defect that could occur.
  • The absence of viruses and/or other harmful components.
  • The damage or damage caused by anyone who violates the security systems of the FIRHSCSP.
  • The use that users can make of the content included on the web. Consequently, FIRHSCSP does not guarantee that users can make use of content that may be included on the website in accordance with this legal notice, nor that the use of the website is diligently made.
  • Use by minors on the website or sending their personal data without the permission of their guardians, being the guardians responsible for their use of the Internet.
  • Contents that the user can access via unauthorized or user-entered links using similar comments or tools.
  • The introduction of wrong data by the user or a third party.

FIRHSCSP may temporarily suspend access to the site for maintenance, repair, upgrade or upgrade operations without prior notice.  Consequently, FIRHSCSP will not, under any circumstances, be responsible for any damage that may result from lack of availability or accessibility to the website or disruption to the operation of the website.  However, as long as circumstances allow it, FIRHSCSP will inform the user, in good time, of the planned date for suspension of content.

In addition, in accordance with the arts. 11 and 16 of Law 34/2002 of 11 July, of information society services and e-commerce, FIRHSCSP commits itself to the elimination or, if necessary, to block content that could affect or be contrary to existing legislation, third party rights or morality and public order.

Links Policy

FIRHSCSPdoes not make itself responsible for the content of websites that the user can access through the links established on their website and declares that in no case will they proceed to examine or exercise any control over the content of other sites on the network.  Nor will it guarantee the technical availability, accuracy, truth, validity or legality of sites other than their property which can be accessed through links.

Intellectual and Industrial Property Policy

FIRHSCSP is the exclusive holder of the rights relating to its website and social networks, hence all the contents, graphic design and codes that form part of are wholly owned by FIRHSCSP.  The reproduction, distribution, public communication, processing or any other activity that is carried out with the content is prohibited, even if the sources are cited, unless the prior, express and written consent of the Foundation for Research is granted.

FIRHSCSP does not grant any authorization for use of any class on its intellectual and industrial property rights or any other property or law related to the web, and it will not be understood under any circumstances that access and navigation of users implies a total or partial withdrawal, transmission, license or cession of these rights by the FIRHSCSP.  Any use of these previously unauthorized content will be considered a serious breach of intellectual or industrial property rights and will result in legally established responsibilities.  FIRHSCSP reserves the right to exercise judicial and extrajudicial actions against the user.

Use of cookies

The website may use cookies (small text files that the server sends to the computer of the person accessing the page). This is a technique commonly used on the Internet to perform certain functions that are considered essential for the proper functioning and display of the site.

The cookies used on the website are, in any case, temporary in nature for the sole purpose of making their subsequent transmission more effective and disappear at the end of the user’s session. Under no circumstances will cookies be used to collect personal information.

From the customer’s website, you may be redirected to third-party content. As FIRHSCSP cannot always control the content entered by third parties on its websites, it does not assume any responsibility for such content.

In any case, FIRHSCSP agrees to the immediate removal of any content that may violate national or international law, morality or public order, proceeding to the immediate removal of the redirect to this website and notifying the competent authorities of its content.

Data protection Clause 

In accordance with the current legislation on Protection of Personal Data, users are informed that their data will be incorporated into the Activity Register of Treatment Activities owned by FIRHSCSP in order to manage user requests.

In compliance with the current rules, FIRHSCSP informs you that the data will be retained within the strictly necessary time to comply with the requested query.

The data will also be dealt with in a lawful, fair, transparent, appropriate, relevant, limited, accurate and up-to-date way.  That is why FIRHSCSP undertakes to take all reasonable technical and security measures to ensure that these are abolished or rectified without delay when they are inaccurate or not truthful.

Under the data protection rules, users will be able to exercise the rights to access, rectification, limitation of treatment, deletion, portability and opposition to the processing of their personal data and to give up the consent granted for the processing of these data.  The request should be addressed to the following email

Reserved right to modify this legal warning

FIRHSCSP reserves the right to amend this legal notice to adapt it to any change or regulatory novelty, for technical reasons, by changes in the services offered by the FIRHSCSP or by strategic decisions of the entity.  In these cases, the changes which will be noticed with prudential advance and they will be indicated as soon as they begin to have full effects. If the user does not agree to the changes, he/she must stop using the website.  Using the website after the changes are made will involve accepting them by users.


If any of the present provisions were considered null, invalid or inapplicable, this provision (or the part declared null, invalid or not applicable) would be invalid, without affecting the validity and applicability of the remaining provisions.



Data controller:

Fundació Institut de Recerca de l’Hospital de la Santa Creu i Sant Pau (FIRHSCSP)

Processing purposes:

  • Informative web page.
  • Management of inquiries via email.
  • Management of selection processes.
  • Access to the private INTRANET area.
  • Management of donations received.

Legitimation of the processing

  • Express consent of the interested party.
  • Execution of a contract.
  • Legitimate interest for data processing.
  • Compliance with legal obligations.

Data storing

  • The data will be stored for the time strictly necessary to fulfill the purposes collected; provided that the interested party does not revoke its consent, as well as for the fulfillment of legal obligations.


  • Personal data collected through the website will not be transferred to third parties. Without prejudice to those third parties that provide services to the IR in order to process requests made by the interested parties.

Rights of the interested parties

  • Access, rectification, opposition, deletion (‘right to be forgotten’), restriction of processing, portability and of not being object of individualised decisions.

Sitios web:

Additional information

  • You can consult the additional and detailed information on Data Protection in the annexed clauses that are found below.


In compliance with articles 13 and 14 of the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT and OF THE COUNCIL of April 27, 2016, relative to the protection of the physical persons regarding the treatment of personal data and at the free circulation of these data (onwards, “GPDR”), and articles 6 and 11 of the Organic Law 3/2018, of 5 of December, of Protection of Data of Personal Nature and guarantee of the digital rights (onwards, “LOPDGDD”), which regulate the law of information at the collection of data, we inform you of the following terms.

Who is the controller of your personal data?

The personal data that has been supplied to us through the website and or by any other communications maintained with you will be object of the Registry of Activities of Treatment titularity of Fundació Institut de Recerca de l’Hospital de la Santa Creu i Sant Pau with domicile at street Sant Quintí, n. 77-79, Barcelona 08041, Spain and e-mail

FIRHSCSP has profiles on the principal social networks of the Internet.

The users, by joining the page of FIRHSCSP do consent the treatment of those personal data published on their profile. FIRHSCSP will have access to the public information of the user profile, will be able to realise publications at the user’s profile regarding already published information at his profile as well as realising updates of the state of the page that will be published at the user’s profile. In the same way, FIRHSCSP will be able to use these profiles to inform its users of subjects about information that it considers of their interest, even through personal and individual communications by means of the canals established by the referred social networks.

FIRHSCSP recognises itself as data controller of his users’ data, followers, or persons that realise comments through his social networks. Nonetheless, in accordance with the Law of Society of the Information Services and of Electronic Trade, FIRHSCSP is exonerated of any kind of derivative responsibility regarding any kind of content published by the users and followers at its social networks.

Which personal data do we collect?

The personal data that the user may provide:

  • Identifying Data: Name and surnames.
  • Contact Data: Phone number and e-mail address.
  • Internet Data: INTRANET User name and password.
  • CV Data: academic and/or professional Data.
  • Financial Data: Bank account number.
  • Any other information or data included in your CV.

 Why and for what do we treat your data?

Depending of the purposes we will need to process some data or other, that in general will be, according to the case, the following:

  • The website is totally informative on the activities of the FIRHSCSP. The data can be processed to respond at the requests of information on these activities.
  • The collection and the automated process of data that is realised through the access to the INTRANET of FIRHSCSP, that collects so as to verify his identity.
  • The collection and processing of data that is realised through the section ‘Job Openings’ is collected so as to study the possibility to work with us.

The personal data obtained through any of the website canals will form part of the Registry of Activities and operations of Treatment (RAT) titularity of FIRHSCSP. This will update periodically in accordance with what is established at the RGPD; FIRHSCSP has adopted all the pertinent security measures at this sense.

We inform the user of the possibility to remove his consent in case that is has been awarded for some specific purpose, without this affecting the precedent legality of the treatment based on the previous consent at his withdrawal.

Which is the legitimacy for the processing of your data?

The treatment of your data can be based on the following legal bases:

  • Express consent by the users at the sending of communications to any one of the electronic addresses of command: exposed at the website and/or telephone numbers. Likewise, for the sending of curriculums for those that are interested to work for FIRHSCSP.
  • Application of contractual measures for the access to the INTRANET of the FIRHSCSP.
  • Application of precontractual and/or eventually contractual measures at the frame of a possible labour account with the users that present their candidatures to future selection processes of
  • Legitimate interest related to the following purposes: Profiles elaboration by means of the user’s navigation at the website.

The legitimate interest of FIRHSCSP consists at being able to guarantee that our website remains secure, as well as helping us at comprising the necessities, expectations and the level of indulgence of the users and, therefore, improve our services.

All the actions are realised with the purpose to improve the level of indulgence of the users and assure a unique experience of navigation.

  • Fulfilment of legal obligations for fraud prevention, collaboration the with Public Authorities and/or eventual claims of third parties.

For how long do we store your data?

The processing of the data with the purposes previously described will be maintained during the necessary time to comply with the purpose of its collection, as well as for the fulfilment of the legal obligations that derive from the data treatment. Notwithstanding that the storing becomes necessary for the formulation, the exercise or the defence of potential claims; always when it is permitted by the applicable legislation.

FIRHSCSP undertakes to cease the processing of the personal data when the term of storing has finalised, as well as blocking them duly at our databases.

The curriculums vitae will be stored at most during a year since the onset of the selection process. In case the interested party wishes to exercise any right to data protection, they must contact us by e-mail:

 At which addressees do we communicate your data?

In general, FIRHSCSP will not transfer personal data to third parties, except in those situations in which this information can be transferred to collaborators that provide services to FIRHSCSP, with the purpose to transact requests formulated by these. In these cases, we make sure that the addressees respect the confidentiality and have the suitable measures to protect the personal data.

FIRHSCSP guarantees the security of the personal data when it is sent out of the entity. The third party that FIRHSCSP hires, has the obligation to guarantee that the information is processed in accordance with current data protection regulations

In those cases in which the law may require that personal data be disclosed to public bodies or other parties, only what is strictly necessary for the fulfilment of said legal obligations will be disclosed.

The FIRHSCSP communicates data to external providers, such as data processors, to carry out certain services:

  • Donations made to the entity are managed through the banking entity CAIXABANK.

Where is your data stored?

In general, the data is stored in Spain (Barcelona), within the European Union (EU). In order to guarantee a sufficient level of protection for those sent to third countries that do not belong to the EU, the FIRHSCSP will take sufficient technical and organizational measures.

 What rights do you have and how can you exercise them?

You can direct your communications and exercise your rights by means of a written communication to the following email: Please, attached the ID Card.

For more information, please visit the website of the Catalan Data Protection Authority, and/or the Spanish Data Protection Agency,

By virtue of what is established by the regulations on data protection, you can request:

  • Right of access: you can request information about the personal data that we have about you.
  • Right of rectification: you can communicate any change in your personal data.
  • Right to delete and be forgotten: you can request the deletion after blocking personal data.
  • Right to limitation of processing: involves the restriction of the processing of personal data.
  • Right of opposition: you can withdraw your consent to the processing of the data, opposing their further processing.
  • Right to portability: in some cases, you can request a copy of the personal data in a structured, commonly used and machine-readable format for transmission to another person in charge.
  • Right not to be the subject of individualized decisions: you can request that decisions not to be made based solely on automated processing, including profiling, that produce legal effects or significantly affect the interested party.

In some cases, the request may be denied if you request that data necessary to comply with legal obligations be deleted. Likewise, if you have any complaint about the processing of data, you can file a claim with the competent data protection authority.

Who is responsible for the accuracy and veracity of the data provided?

The user is solely responsible for the veracity and correctness of the data provided through any means of communication, exonerating the FIRHSCSP from any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the forms they fill out.

The FIRHSCSP is not responsible for the veracity of the information that is not of its own and for which another source is indicated, and therefore does not assume any responsibility for hypothetical damages that may arise from the use of such information.

The FIRHSCSP is exonerated from liability for any damage or harm that the user may suffer as a result of errors, defects or omissions, in the information provided by FIRHSCSP, provided that it comes from sources other than it.

What security measures do we apply to protect your personal data?

FIRHSCSP has adopted the security levels for the protection of personal data legally required, and endeavours to install those means and additional technical measures within its reach to prevent loss, misuse, alteration, unauthorized access and theft of personal data provided to the FIRHSCSP. However, the user must be aware that Internet security measures are not impregnable.

For this reason, FIRHSCSP is not responsible for hypothetical damages that may arise from interference, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, due to reasons beyond the control of the FIRHSCSP; of delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties through illegitimate interference beyond the control of the FIRHSCSP.

How do we use cookies?

The website and social networks of the FIRHSCSP use cookies for the purpose of optimizing and personalizing your browsing through them. Cookies are physical files of information that are housed in the user’s own terminal, the information collected through cookies serves to facilitate the user’s navigation through the portal and optimize the browsing experience. The data collected through cookies can be shared with their creators, but in no case will the information obtained by them be associated with personal data or data that can identify the user. However, if the user does not want cookies to be installed on his hard drive, he has the possibility of configuring the browser in such a way that it prevents the installation of these files.

Recommendation of sites / web pages

FIRHSCSP, when recommending or linking to a website/page, considers that they are of interest to the user.

However, FIRHSCSP has no obligation to supervise the sites/web pages that it links to or recommends. They have been created by legal entities, individuals or entities without legal personality outside the H FIRHSCSP. It does not intervene in their management, finances them, decides regarding the incorporated content, nor manages or participates in the services that the linked or recommended websites/web pages provide.

The FIRHSCSP will cancel any link, refraining from recommending the site/web page when it has reliable evidence that it and/or the services it provides are illegal or damage property or rights of third parties. eligible for compensation.

Internal security policy

Security breaches can be caused by workers, third parties, or computer errors. Therefore, we are legally obliged to notify the interested parties if their personal data has been seriously affected within a maximum period of 72 hours. Additionally, users will be notified as soon as the security breach is resolved.

Modification of the privacy policy

This privacy policy can be modified. We recommend you to review the privacy policy from time to time.

Last update: 06 de June de 2023

This website uses cookies to improve the browsing experience and perform analytical tasks. If you continue browsing, we understand that you agree our cookies policy. More information