Open Innovation Campus

Privacy Policy

1. Our principles and the purpose of this Privacy Policy

Telefónica Group companies are committed to respecting the privacy of users and the secrecy and security of personal data, in accordance with the provisions of applicable data protection legislation.

Your privacy and the security of your data is our priority. It is part of our DNA and is reflected in the principles that govern our Privacy Policy:

In compliance with these principles, below you will find the sections that make up our Privacy Policy, where we inform you about everything necessary for you to maintain control over your data.


2. Who is the data controller?

Telefónica Open Innovation, S.L.U. (formerly named as “Wayra Investigación y Desarrollo, S.L.U.) ("Telefónica"), company with ID number B86230562 and registered office at Ronda de la Comunicación, SN, C.P. 28050, Madrid will be the data controller for the processing of your data in accordance with what we inform you in this Privacy Policy.

We also have appointed a Data Protection Officer who ensures compliance with applicable data protection legislation at Telefónica, and who can be contacted for any questions, doubts and/or complaints you may have when we process your data, by writing to [DPO email which, unless the company has designated another specific email address, would be DPO_telefonicasa@telefonica.com].


3. What data is processed, for what purpose and why do we process the data?

On the web: oicampus.telefonica.com

For what? Purposes of the treatment: The purpose of the treatment that we are carrying out is to manage the requests of:

  1. Contact through the different forms in the "contact us" section and to strengthen the projects, initiatives and open innovation activities carried out by the different institutions and companies of the Telefónica Group.
  2. Registration through the forms enabled in calls for challenges, innovation challenges, or any other activity linked or published in / from Telefónica's Open Innovation Campus.

Why? - Applicable legal basis: the legal basis on which we rely to carry out that purpose is the consent given in the checkbox.

What data?
  1. The data that we treat for this purpose from the "contact us" section are the name, the email, and any other personal or informative data that is provided in the forms enabled for each typology described as University / Institution and Talent.
  2. The data that we treat for this purpose from the "participate" section are the name, the email, and any other personal, informative, file or link data, which is provided within the forms enabled in each call for challenges, innovation challenges, or any other activity linked or published in / from Telefónica's Open Innovation Campus.

Where does the data come from? – Data source: the source of the data we process for this purpose is given by you.

Who do they belong to? Categories of interested parties: the data we process for this purpose refers to any person or entity interested in contacting us; entities, institutions, universities, students, doctoral students, professors, researchers or any other interested person.

How long is the data processed? - Retention periods: the data we process for this purpose will be deleted in accordance with our internal policies, but not more than three years.


4. How long is the data retained?

In general, we will keep your data for the period necessary to comply with each of the purposes described in each processing activity and to determine the possible liabilities that may arise from that purpose.

In any case, your data will be kept in accordance with the retention criteria or specific periods described in each processing activity and, where appropriate, until you withdraw your consent and/or object to the processing of your data. In this regard, we will make our best efforts to provide you with an automatic and simple mechanism so that you can withdraw the consent granted and/or object to the processing and, in any case, we are at your disposal at the e-mail address for exercising your rights as indicated in section 6 of this Privacy Policy.


5. Who is the recipient of the data? are there any international transfers of data?

In order to carry out the processing purposes described above, we may make use of authorised subcontractors acting on behalf of Telefónica, as data processors (e.g. internet service providers, data hosting and technical support providers, e-mail providers, general service providers and physical security service providers, etc.) and contractually subject to our instructions, only for the lawful purposes described above and only for the period of time strictly necessary for that purpose.

Where authorised subcontractors acting on behalf of Telefónica or such recipients are located or process your data outside the European Economic Area, we will be making an international transfer of your data in accordance with applicable data protection legislation. In general, we will avoid international transfers of data and your data will be processed within the European Economic Area. However, in the event that such international transfers are necessary, we will take the necessary organisational, technical and contractual measures to ensure the protection and security of your data, such as, for example, signing the European Commission's Standard Contractual Clauses with the authorised subcontractor or third party recipient, carrying out impact assessments on the relevant international transfer to assess the risk and adopt measures to mitigate it, encryption of data in transit or at rest, pseudonymisation of the data transferred, the possibility for the data subject to claim damages directly against the authorised subcontractor or third party recipient, etc.


6. What rights do you have as a data subject?

As a data subject, applicable data protection legislation grants you certain rights over your data which, depending on how they apply, you may exercise against Telefónica. Below you will find details of these rights and how you can exercise them. We also inform you that on the website of the Spanish supervisory authority (www.aepd.es) you can find further information on the characteristics of these rights and download templates for exercising each of them.

In general, you may exercise these rights at any time and free of charge by contacting Telefónica at privacidad@wayra.com.

It is important to bear in mind that when you exercise a right, in most cases, you must clearly specify which right you are exercising and provide a copy of a document proving your identity.

Any exercise of rights shall be answered within a maximum period of one month, which may be extended by two months if necessary, taking into account the complexity of the request and the number of requests.

Finally, in the event that you do not agree with the way in which your data is handled by Telefónica, you have the right to lodge a complaint with the national supervisory authority by contacting the Agencia Española de Protección de Datos, whose contact details are as follows:

Agencia Española de Protección de Datos
C/ Jorge Juan, 6 - 28001 Madrid
www.aepd.es


7. Further processing of data and changes to the Privacy Policy

Telefónica reserves the right to update this Privacy Policy at any time. Such update will be made public by Telefónica, in any case, with the legally required notice prior to its entry into force. In addition, it will be communicated directly to the data subject in the event that it affects their rights or freedoms or when, for example, the inclusion of a new processing activity requires the consent of the data subject or modifies the scope of the legitimate interest that enables the processing.