Privacy Policy

This privacy policy contains all the necessary information that must be provided to Users when collecting their personal data through any of the electronic forms on CodeOp’s website, such as that related to the purposes, storage periods and legal basis on which the processing is legitimized, how they are used, communicated and the rights of Users.

These policies have been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, General Data Protection (GDPR) and the current data protection regulations in Spain, Organic Law 3/2018 on Personal Data Protection and guarantee of digital rights.

Responsible for the processing of personal data

The entity responsible for the collection and use of your personal data as indicated in this privacy policy is:

[email protected]
Tax Identification Number B-67289439 
C/ Pallars 193 
08005 Barcelona, Spain
Commercial Registry of Barcelona Volume 46577, folio 221, sheet 524390, book 0, section 8 and inscription I/A.

Principles applied to the processing of personal data

The principles set out below are applied by CodeOp and by any member of its staff who has access to or otherwise processes personal data. Personal data will always be:

    • dealt with in a lawful, fair and transparent manner.
    • collected for specified, explicit and legitimate purposes and will not be further processed in a way incompatible with those purposes.
    • accurate and, if necessary, updated, taking all reasonable steps to delete or rectify those that are inaccurate with respect to the purposes for which they are treated kept for no longer than is necessary for the purposes of processing.
    • Processed with integrity and confidentiality, in such a way as to ensure adequate security of the data.

Types of personal data processed and purpose 

The personal data provided must be true, accurate and complete and kept up to date. The registration of data through the electronic forms available on the different pages of our website is mandatory, at least those marked as such, and implies that you have been informed and have given your consent to the content of this privacy policy. Failure to provide such data, or the provision of incorrect data, will make it impossible for us to correctly manage the requests made.

We collect the following categories of personal data on our website:

      • Personal information related to the handling of requests and resolution of queries, such as name, surname, e-mail address and contact telephone number. This personal data is stored in our databases for the management of requests and academic contacts, with students, mentors or partners depending on the nature of the request and will be used to complete any request or query through our website electronic forms.
        At any time, you can change your information or preferences or provide additional details.
      • Personal information related to the application to any of our courses, and any information necessary for subsequent operations related to such registration, such as name and surname, e-mail and contact telephone number, date of birth, address, nationality, city of residence, preferred pronoun. In addition, in some cases a LinkedIn profile or Curriculum Vitae is requested in order to assess the suitability for the chosen program.
      • Information related to newsletter subscriptions and commercial prospecting, such as name, surname, e-mail address. These personal data are stored in our databases for the management of commercial relations. You will always be given the option to cancel and/or remove yourself from the databases with each electronic communication you receive from us. At any time, you can modify your information or preferences or provide additional details.

We will not use your personal data to make automated decisions that affect or create profiles other than those described above. In any case, if there is a further processing of the data whose purpose is different from that for which it was originally collected, we will inform you about all aspects relevant to this other purpose before proceeding with such further processing.

Personal data retention

The personal data provided will be kept for the duration of the execution of pre-contractual arrangements, the attention to requests and resolution of queries and, in any case, for the time necessary to fulfil the purpose for which the personal data was collected and to determine the possible responsibilities that may arise from such purpose and processing.

In determining the appropriate retention period for personal data, we also look at the amount, type and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and any applicable legal requirements.

Legitimation to process personal data

We process your personal data on the basis of the consent given for the handling of requests and inquiries, and also on the basis of the execution of pre-contractual arrangements and subscription of the enrollment agreement itself.

Recipients of personal data

Personal data may be communicated to the following recipients:

      • Data processors, such as service providers who provide services to CodeOp, such as website content and students relationship managers. Service providers are authorized to use the information only to the extent necessary to perform and provide the services for which they were hired and subject to the terms set forth in the processing contracts entered into and in this Privacy Policy.
      • Financing and academic credit companies, when applicable.
      • Commercial partners.
      • Public Administrations and Bodies, when so required by tax, labour or any other applicable regulations.

In the event of international data transfers as a result of the above communications, in the event that the recipient companies are outside the European Economic Area, CodeOp will use the standard contractual clauses adapted by the European Commission recently in June 2021, as a guarantee of those transfers made to countries that do not have an adequacy decision of the European Commission. 

In any case, those third parties with whom certain personal data is shared will have previously accredited the adoption of appropriate technical and organizational measures for the correct protection of the same in accordance with the GDPR.

To register for any of our free courses published on our Website, you may be required to register your personal data with third parties located outside the European Union: Eventbrite, a US corporation located in Delaware, CA, provides a ticketing and event registration service. Eventbrite has its own privacy policies, which are available and viewable upon registration and which we recommend you review before submitting any request.

We promise never to use your personal data for purposes other than those specified in this privacy policy, nor to illegitimately transfer them to third parties.

Rights of persons

Users may exercise any of the rights recognized in the data protection regulations before us.

We undertake to respect and facilitate the exercise of these rights and, in particular, the rights of access, rectification, suspension, opposition, limitation of processing and data portability. These rights may be exercised by sending an email to [email protected]

We will provide you with all necessary information concerning the actions we take on the basis of any request to exercise your rights as a data subject, within the stipulated legal deadlines. 

In any case, we inform you that you can file a complaint with the Spanish Data Protection Authority the protection of any of your rights.

Implementation of security measures on personal data 

We guarantee that we maintain the necessary security levels for the protection of personal data provided to us through the website in accordance with current regulations, and that all the corresponding technical and organisational measures have been established and applied to prevent the accidental loss, destruction or damage, misuse, alteration and unauthorised or unlawful processing of the data provided.

We have also implemented a notification procedure in case of any suspected breach of personal data security, addressed to the data subjects and also to the relevant supervisory authority.

Right to withdraw consent

If you have given your consent for the processing of your personal data, you have the right to withdraw it in whole or in part. To withdraw your consent, please follow the opt-out links provided in all commercial communications sent to you or contact us via our contact form on this website or via email.

Once we have received notice that you have withdrawn your consent, we will no longer process your information for the purposes for which you originally authorized it, unless there are compelling legitimate grounds for further processing that would nullify your interests, rights, and freedoms or for the exercise or defense of legal claims. The withdrawal of consent to receive commercial communications will not affect the processing of personal data for the provision of our services.


If you have any concerns or comments about this privacy policy, please contact us by e-mail at [email protected] or by post to C/ Grassot 101, 08025, Barcelona, Spain.