Privacy Policy


Holder: COLEGIO MAYOR VEDRUNA (hereinafter, the “COLEGIO MAYOR”).
NIF: R-2800902E
Registered office: Gta. from President García Moreno, nº 2, 28003, Madrid
Data Protection Officer: Eva Romanillos Alonso


In accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data and by which Directive 95/46 / CE (hereinafter, “RGPD”) is repealed, as well as Organic Law 3/2018, of December 5, on the Protection of personal data and guarantee of digital rights (hereinafter , the “LOPDGDD”) and any other development regulations, by accepting this Privacy Policy of the website (hereinafter, the “Website”), the interested party ( hereinafter, “user” or “user”) is informed and, where appropriate, gives their informed, express, free and unequivocal consent for the personal data provided through the Website to be processed by the COLLEGE MAYOR, in accordance with the purposes indicated below.


The data requested in the forms provided on the Website are, in general, mandatory (unless otherwise specified in the required field) to fulfill the established purposes.

Therefore, if they are not provided, or are not provided correctly, the purposes that motivated the processing of personal data cannot be carried out.


EL COLEGIO MAYOR will treat the following categories of personal data that are provided through the Website and, in any case, those that are indicated as mandatory in the enabled web forms, such as:

• Identifying data: name, surname, image, etc.
• Contact information: postal address, email, telephone, etc.
• Academic data: degrees or studies carried out, etc.
• Health data: medical certificate, allergies, etc.
• Family data: data of parents, etc.
• Bank data.
• Other data: data provided by the users themselves in the open fields of the forms provided on the Website or in the attached documents.
• Navigation data, in accordance with the provisions of the Cookies Policy.

In the event that the user provides data from third parties, they declare that they have their consent and undertake to transfer to the interested party, the owner of said data, the information contained in the Privacy Policy, exempting the MAYOR COLLEGE from any responsibility in this sense.


The personal data that we process through the Website will be used for the following purposes:

In the event that the user makes a request through the Website, either to apply for admission or to apply for renewal, her personal data will be processed for the purpose of:

• Carry out the administrative management of your application in EL COLEGIO MAYOR, as well as the services and activities in which, where appropriate, it participates.
• Present, organize and provide the services of the COLEGIO MAYOR related to the dining room service, etc. as well as the complementary and / or extracurricular activities in which it participates. To this end, it is possible to request special categories of data related to your health, in order to preserve your health during your stay at COLEGIO MAYOR.
• Carry out the development of the teaching and guidance function of the COLEGIO MAYOR.
• Inform the family members of the user, when appropriate.
• Identify the user, through the use and / or capture of their image, in their access and exit from the COLLEGE MAYOR, to comply with the guidelines of the COLLEGE MAYOR in terms of security and organization of their activities.
• Carry out the follow-up of the process of adaptation and socialization of the user to the life of the COLLEGE MAYOR.
• Send information of interest to the user about the offer of the COLEGIO MAYOR.

In the event that a user contacts the COLLEGE MAYOR through the means of contact enabled on the Website, their personal data will be processed in order to respond to such requests for information or contact, in accordance with their content.


The treatment related to the applications for admission and renewal of the place has its legitimizing basis in the execution of a contract or the application, at the request of the user, of pre-contractual measures aimed at enabling the stay of the user in the COLLEGE MAYOR and, more Specifically, the treatment of health data has as a legitimate basis the fulfillment of the Responsible’s obligations in the field of security and social protection of users, attending, at all times, to the principles of data minimization and purpose limitation. .

For its part, the processing of user data related to their image is legitimized by the legitimate interest of the COLLEGE MAYOR in the management of its activity and the preservation of security.

Finally, the purpose of sending communications with information about the offer of the COLEGIO MAYOR has as a legitimate basis the existence of a prior contractual relationship with the user, allowing, at all times, the opposition of the same to the receipt of this type of communications, by a free and simple means.

Regarding the management of requests for information through the enabled means of contact, the treatment will be legitimized in the consent of the user, through the referral of said communication.

The processed data will be kept for the time necessary to carry out the purposes for which they were collected, that is, for the provision of services and, subsequently, until the prescription of any responsibilities that may arise from these.

Regarding those processing of personal data legitimized by consent, the user may revoke his consent at any time, although this will not affect the legality of the processing carried out up to that time.


We inform you that the COLLEGE MAYOR may communicate the user’s personal data to the Complutense University of Madrid, in its capacity as a center attached to it, in accordance with the applicable regulations.

On the other hand, the COLEGIO MAYOR will not carry out international data transfers with the personal data obtained from the user.


The user guarantees that the data provided is true, accurate, complete and up-to-date, the user being responsible for any damage or loss, direct or indirect, that may be caused as a result of breach of such obligation. In the event that the data provided belongs to a third party, the user guarantees that they have informed said third party of the aspects contained in this document and obtained their authorization to provide their data to the COLLEGE MAYOR for the purposes indicated.


The user can send a letter to the COLLEGE MAYOR to the address indicated in the heading of this Policy, or, where appropriate, by means of an email to the DPO address,, attaching a photocopy of your document identity card, at any time and free of charge, to:

• Revoke the consents granted.
• Obtain information about whether the COLEGIO MAYOR is treating personal data concerning the user or not and, if so, access their personal data.
• Rectify inaccurate or incomplete data.
• Request the deletion of your data when, among other reasons, the data is not necessary for the purposes that motivated its collection.
• Obtain from COLEGIO MAYOR the limitation of data processing when any of the conditions provided in the data protection regulations are met.
• Oppose the processing of your personal data, in accordance with legal requirements.
• Request the portability of the data provided by the user in those cases provided for in the regulations.

Finally, the user may file a claim regarding the protection of their personal data with the Spanish Agency for Data Protection at the address Calle de Jorge Juan, 6, 28001 Madrid, when they consider that the COLLEGE MAYOR has violated their rights. recognized by applicable data protection regulations.


Finally, we inform you that the MAYOR COLLEGE will treat your data at all times in an absolutely confidential way and keeping the mandatory duty of secrecy regarding them, in accordance with the provisions of the applicable regulations, adopting measures of a nature technical and organizational necessary to guarantee the security of your data and prevent its alteration, loss, treatment or unauthorized access, taking into account the state of technology, the nature of the stored data and the risks to which they are exposed.


Last update: March 18, 2020.