Privacy Policy

User Information

Universidad de Oviedo, with registered address at C/ San Francisco, 3 - Oviedo 33007 (ASTURIAS) and CIF Q3318001I, hereinafter the CONTROLLER, is the party responsible for the processing of the User's personal data and informs you that this data will be processed in accordance with the provisions of the Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, the Organic Law No. 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, and the Personal Data Protection Regulations of the University of Oviedo, approved by the Agreement of 5 March 2020, of the Governing Council of the University of Oviedo. Accordingly, the Controller provides you which with the following data processing information:

Information and consent

By accepting this Privacy Policy, the User is informed and gives his/her informed, express, free and unequivocal consent to the processing of the personal data provided through the forms on the website located at the URL (hereinafter, the "Website") by the Controller.

The University shall not be liable for any processing of data carried out by websites unrelated to the University.

Obligation to provide data

In general, it is obligatory to provide the data requested in the forms on the Website (unless otherwise specified in the required field) in order to comply with the established purposes. Therefore, if they are not provided or are not provided correctly, the requests made by the User cannot be fulfilled, without prejudice to the free viewing of the content of the Website. The User guarantees that the personal data provided are truthful and is responsible for communicating any changes thereto.

Purpose of data treatment

At the time of data collection, you will be informed of the purposes of their processing, which may include:

  • Teaching and academic management, in particular the management of enrolment, the preparation of qualification reports and their publication, the preparation of personal certificates, the issuing of degrees, the management of work placements in companies and institutions, and, in general, those necessary for the performance of the functions of a Public Higher Education Service.
  • Management of research related to the research activity of the Teaching and Research Staff and research contracts.
  • Staff management in matters necessary for the maintenance of labour relations and compliance with the legal regulations that apply to them, both for Teaching and Research Staff and for Administration and Services Staff.
  • Economic and asset management, in particular the processing and management of contracts signed and requests for services offered by the University of Oviedo.
  • Management of applications and job offers, and, where appropriate, of the selection process to which they may give rise, including the creation of employment exchanges.
  • Services to the university community, including, among others, prevention service, library, transport, sports, international relations, institutional e-mail and access to telematic services.
  • Requests for information or suggestions, as well as the submission of requests and letters addressed to the University of Oviedo.

Legitimation of the data treatment

  • The processing of data relating to teaching and academic management, research management, the management of personnel responsible for the maintenance of labour relations, economic and patrimonial management, in particular, the processing and management of contracts concluded and requests for services offered by the University of Oviedo, as well as the management of services to the university community is regulated in the contractual relationship itself and, in some cases, data processing is necessary for the fulfilment of the legal obligations applicable to the University of Oviedo.
  • The processing of data relating to the management of applications and job offers and, where appropriate, the selection process to which they may give rise, including the creation of employment exchanges and the job placement agency, as well as the request for information, or suggestions, the submission of requests and letters addressed to the University of Oviedo by Users, will be legitimised on the grounds of their consent.
  • Lastly, the processing of data relating to the sending of informative communications on the activities of the Controller is legitimised by the legitimate interest of the Controller when there is a prior contractual relationship between the Controller and the User. Otherwise, the legitimate basis would be the User's consent to receive this type of communication.

Time limits for data storage

The processed data will be kept for the time necessary to use them for the purposes for which they were collected and, thereafter, until the prescription of any liabilities arising from them or the fulfilment of legal obligations.

However, Users may revoke their consent to the processing of data at any time in the aforementioned cases, although this will not affect the lawfulness of the data treatments previously carried out.

Communication of data

The Controller contracts with third party data processors in order to provide its services. Specifically, the Controller has agreements with the following service providers:

  • Microsoft (e-mail service).
  • Telecable (data and communications network service).

With the exception of the aforementioned entities, your data will not be transferred to other third parties. If for any reason it is necessary to communicate said data to third parties, you will be informed beforehand and, if applicable, you will be asked for your consent and the purposes of the communication and the identity of the third party to whom the data will be communicated will be specified.

All of the above with the exception of those cases in which it is compulsory by law to communicate said data to a third party.

User´s Rights

Persons who provide us with their data have the following rights in relation to such data:

  1. Right of access
  2. Right of correction or deletion
  3. Right to restriction of processing
  4. Right to portability
  5. Right to object
  6. Right not to be subject to automated decisions
  7. Right to withdraw consent
  8. Right to lodge a complaint with the competent supervisory authority, in this case, the Spanish Data Protection Agency, especially in the event that you are not satisfied with the exercise of your rights. You may contact the Spanish Data Protection Agency by telephone on 901 100 099 and 912 663 517 or by visiting them at their address C/ Jorge Juan, 6. 28001 - Madrid.

Rights 1-7 may be exercised, in accordance with the Data Protection Regulations of the University of Oviedo, by submitting a request in the general and auxiliary registries of the University of Oviedo, as well as in any of the places established in Article 16.4 of Law No. 39/2015, of 1 October, on Common Administrative Procedure for Public Administrations, by electronic means, using the form available for this purpose on the University's website   ( or by e-mail addressed to the General Secretariat of the University (

If you wish to obtain more information about your rights, we suggest you visit the website of the Spanish Data Protection Agency.

Contact details for exercising your rights

Origin of the Data

All the data collected comes from the data subject

Data Protection Officer

(DPO) The CONTROLLER, in order to guarantee the security of your data, has appointed a Data Protection Officer who can be contacted at the following e-mail address:

Security Measures

Lastly, we inform you that the Controller will treat your data at all times in the strictest confidence and will maintain the mandatory duty of secrecy in accordance with the provisions of the applicable regulations, adopting the necessary technical and organisational measures to ensure the security of your data and prevent its alteration, loss, unauthorised processing or access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed.