top of page

Aviso Legal




This Privacy Policy is designed to help you understand how the Colegio Estrella Toledano-Centro de Estudios Ibn Gabirol treats the Personal Data provided by the interested parties or affected subjects.


All the treatments carried out by the Treatment Manager will be governed by the provisions of current legislation. Specifically, Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (hereinafter "LOPDGDD") and Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data (hereinafter "RGPD" or "GDPR").


The interested party has previously read and accepted this Privacy Policy and has accepted its provisions. Likewise, access to and use of the website is also governed by the provisions of this Privacy Policy.







The Person Responsible for the Treatment of Personal Data is the religious entity COMUNIDAD JUDÍA DE MADRID (hereinafter "CJM" or "the Responsible"), a religious entity domiciled in Madrid, at Calle Balmes, 3 provided with CIF R-2800546- J, registered in the Registry of Religious Entities of Madrid 015555 with Registry No. 2775-SE, e-mail: , to which the Colegio Estrella Toledano-Centro de Estudios Ibn Gabirol belongs (hereinafter "the school"). The contact details of the College are (1) telephone: 91 650 1229 and (2) e-mail and (3) address: Paseo de Alcobendas 7, Alcobendas, Madrid.


You can also consult the Data Protection Delegate (DPD) of the CJM, which is the company TOTAL.DAT SLU with address in Badajoz, on Avenida Joaquín Sánchez Valverde, number 3, telephone 911594141, e-mail: mt.dominguez @ ; web:


The CJM respects and protects the privacy of the interested parties, guaranteeing the confidentiality of the personal data to which it has access, carrying out strict compliance with this Privacy Policy and with all applicable legislation in force in all the processing of data of character personal.  


Likewise, the CJM applies technical and organizational security measures given the nature of the Personal Data processed​​ and the circumstances of the treatment, as well as those that are recommended given the state of technology, in order to guarantee the integrity, security and confidentiality of the personal information of the interested parties.


In relation to this, the CJM will ensure compliance with the following Principles of processing of personal data:


  • Legality, loyalty, transparency and limitation of the purpose. The data processing will always be informed to the interested party, through clauses and other procedures; and it will only be considered legitimate if there is consent for the processing of data (with special attention to that provided by minors), or it has another valid legitimation and the purpose thereof is in accordance with the Regulations.


  • Adequacy, relevance and limitation of personal data. The data processed must be adequate, relevant and limited to what is necessary in relation to the purposes of the treatment.


  • Accuracy. The data must be accurate and, if necessary, updated. In this regard, the necessary measures will be taken so that personal data that are inaccurate with respect to the purposes of the treatment are deleted or rectified without delay.


  • Limitation of the conservation period. The data will be kept in a way that allows the identification of the interested parties for no longer than is necessary for the purposes of the treatment.


  • Integrity and Confidentiality. The data will be treated in such a way as to guarantee adequate security of personal data, including protection against unauthorized or illegal treatment and against its loss, destruction or accidental damage, through the application of appropriate technical or organizational measures.


This Privacy Policy and Protection of Personal Data will focus on the treatments carried out by the College, regardless of the Privacy Policy for other data processing carried out by the CJM, which you can consult here .




The purposes of the processing of personal data are the following:


  • Administer and manage the personal and academic information of the students of the School.


  • Administer and manage the information and internal communication system between school staff, teachers and students.


  • Sending internal communications of the School to keep parents and students informed of the activities, news and services provided.


  • Improve services provided to parents and students.


  • Detect and prevent any identity fraud.


  • Strengthen physical and cyber security measures.



At any time, the interested party may exercise their right to object to these treatments by requesting our Data Protection Delegate or directly to the administration of the College.




The legitimacy for the treatment of the personal data of the interested parties is based on their informed and explicit consent, as well as the contractual obligations that exist between the College and the interested parties who are provided with the services provided by the College.





The time of conservation of the data will be strictly necessary for the purposes established in this Privacy Policy. Notwithstanding the foregoing, the College will review the personal data of non-active interested parties and will block their data if they are not processed. These personal data will be blocked and when the deadlines established by current legislation are met, they will be erased from the College's databases.





The College and the CJM do not transfer personal data of the interested parties to third parties.


Notwithstanding the foregoing, the College and the CJM may communicate the personal data of the interested parties to the competent control and supervision entities and to the fiscal, administrative and judicial authorities within the European Union in the event that they request it motivated and always in accordance with current legislation.


Likewise, the College allows access to the personal data of the interested parties to providers known as Treatment Managers. The Treatment Managers access said data in order to fulfill the specific purposes for which the College processes personal data, established in this Privacy Policy. The College has established relationships with Treatment Managers who guarantee to apply appropriate technical and organizational security measures in the processing of data. The relations between the College and the Treatment Managers are regulated in the corresponding Personal Data Treatment Agreement.


Currently, the College does not carry out international transfers of personal data. To do this, in the first place, it will request the explicit consent of the interested party, and, secondly, they will be to countries where there is an adequate level of protection of personal data in accordance with the European Commission. Otherwise, these transfers could only be carried out in the cases established in current legislation.





Interested parties may exercise their rights regarding the processing of their personal data by writing to or by e-mail to the College, the CJM, and the CJM Data Protection Officer (contact details previously defined in this Policy Of privacy)


The rights of the interested parties, under current legislation are:


  1. Right of access: the interested party has the right to access the personal data processed by the person in charge in order to verify that they are processed in accordance with the law. 

  2. Right of rectification: the interested party has the right to request the rectification of any personal data that is inaccurate or incomplete, in order to protect the accuracy of the information. 

  3. Right of deletion: the interested party has the right to request that the College or the CJM permanently delete their information and that they cede the processing of their data. However, a series of exceptions are regulated in which this right will not apply, as well as the right of blocking established in article 32 of the LOPDGDD.

  4. Right to limitation of treatment: the interested party has the right to request that the College or the CJM restrict the processing of their data to the purposes that the interested party establishes. 

  5. Right to data portability: the interested party has the right to request the portability of their personal data held by the Data Controller, receive them in a structured format and / or request the transfer of their personal data to another controller or managers. processing of personal data.

  6. Right of opposition: the interested party has the right to object, at any time, to the processing of data for a series of reasons without the need to justify their decision. 

  7. Right not to be subject to automated individualized decisions: the interested party has the right not to be subject to a decision based solely on automated processing, including the creation of profiles, if said profile produces a legal effect on the interested party or affects him in a significant way . 

  8. Right to file a complaint / claim with a Control Authority: the interested party has the right to file a complaint with a control authority, if they consider that the processing of related personal data violates current legislation. In Spain, the control authority is the Spanish Data Protection Agency.





The College is deeply committed to complying with the regulations for the protection of personal data, and guarantees full compliance with the obligations set forth, as well as the implementation of the appropriate security measures to guarantee a level of security appropriate to the risk. In this sense, the College will carry out an annual verification, evaluation and assessment, or each time there are significant changes in the data processing, of the effectiveness of the technical and organizational measures to guarantee the security of the processing.





Currently the College does not have profiles on Social Networks. Otherwise, the data processing that the School carries out as the Responsible for the treatment in the Social Networks in which it has profiles will be that established by said Networks.




The CJM and Colegio website only use technical cookies to facilitate the user experience. Analytical, behavioral or any other type of cookies are not installed. According to the instructions of the APED and the provisions of article 22.2. of the LSSI this type of cookies do not require consent or acceptance by the user. For more information you can access the following  link .





On the College's website, the interested party can find third-party links. These links are controlled by third parties and the College cannot control the content provided by these other websites nor is it responsible for the processing of personal data that these third parties process. The College reminds the interested party that this Privacy Policy only applies to personal data collected and processed​​ by the College through the website or the registration forms enabled. Therefore, the College is not responsible for the processing of personal data of the interested party that these third parties may carry out.





This Privacy Policy is in effect. The College or the CJM reserve the right to change this Privacy Policy, always in accordance with current legislation. Where appropriate, these changes will be communicated to the interested parties through the communication channels established in the College with their interested parties.

The date of the last update will always appear in the heading of this Privacy Policy.





The contact details of the College, the CJM and the CJM Data Protection Officer, detailed above in this Privacy Policy, are the following:





Calle Balmes, 3, Madrid.

91 591 31 31




Paseo de Alcobendas 7, Alcobendas, Madrid

91 650 12 29




Avenida Joaquín Sánchez Valverde, 3, Badajoz,

91 159 41 41


bottom of page