Versión en español

Privacy policy

The companies of the Hedima Group * (from here on out, identified interchangeably as HEDIMA) have adopted the present Privacy Policy, guaranteeing that the treatment of the data of the users, students and people that are related to any of the companies of the Group is carried out in such a way that the principles and norms related to the protection of personal data are observed.

*Companies of the Hedima Group Hedima DN Formation, SLU. NIF 882651574 HON Corporate, SLU NIF 886762481 Hedima Grupo de Servicios de Consultoria, S.LU NIF: 883827105 Global Learning Provider S.L.U. NIF B86503158 Hediprev SLU CIF 885539674 Hedima Education Services, SLU NIF: 886762473, Hedima Custom Learning SLU. CIF: 886762465 with address at Avda. Ensanche de Vallecas, 44-2 Floor 28051 Madrid. Gestión del Conocimiento, SA NIE 61302196 with address at Calle Joan D Austria 39-47. 3rd floor, 08005 Barcelona y Sigma, S.LU B- 82757840 with address at Avda de las Cortes Valencianas, 39-381, 46015 Valencia.

Responsible Contact Data Protection

The Privacy Policy of the companies of the Hedima Group is aimed at maximum security in their use and collection, guaranteeing compliance with current regulations on the matter and configuring this policy as one of the basic pillars in the lines of HEDIMA performance.

Remember that before you start using any of our services or functionalities, you should read this Policy, as well as the Legal Notice and, where appropriate, the Terms and Conditions of Use of the specific section you see about that service or functionality. In that section, you can see if there is any particular condition for its use, or if a specific treatment of your data is required. Any failure to provide certain information indicated as compulsory may mean that it is not possible to manage your registration as a user or the use of certain features or services available through the Page or made available to the User that provides personal data to HEDIMA guarantees that the data provided is true and accurate and notifies any change or modification thereof.

What personal data do we collect?

We may collect or receive your data through your visit to the page, derived from your interaction with us through the implementation and subsequent sending of the contact form, sending your resume, derived from your interaction with us on the pages of our profiles in the social networks identified on the Page, as a student of HEDIMA or obtained in the field of training management with your employer.

In some cases, personal data is provided directly by the user when subscribing to our newsletter, when contacting us through the enabled channels answering the surveys, subscribes to our social media profiles or interacts with through these profiles through comments, opinions or sharing the content published in each profile.

In other cases, personal data is obtained indirectly from the user for purely statistical purposes in order to analyze the use made of our Page through the use of cookies or keep the user Identified in the Private Area of our Training Institute ( See our Cookies Policy).

We can also obtain your data if your employer has contracted with HEDIMA the management of your Training Plan or derived from your registration in the courses taught by HEDIMA.

Finally, we also have the personal data of contract signers or contact persons of customers and suppliers.

In the different tables we show you below, you will find more detailed information about the processing of your personal data including the following aspects:

  1. Main purposes: it is identified for what purpose we need to collect your data, that is, because we treat your information.

  2. Legitimization: the reason that enables us to process your data is detailed.

  3. Conservation periods: identify the specific conservation period or the criteria that determine this period.

  4. Recipients: we identify with whom we will share your data in a legitimate way.

  5. Rights of the interested parties: we inform you about the rights that assist you as an interested party in the processing of your personal data.

How can the users exercise their rights?

Those interested users can exercise the rights of access, rectification, suppression of portability, limitation or opposition. If applicable, the withdrawal of the consent given by written request addressed to the address of HEDIMA by sending an email destined to, sent from the email address provided, indicating the data protection reference. Those interested can complain to the Control Authority (Spanish Agency for Data Protection,

The requests for the exercise of rights sent by postal mail or from an email different from than that associated with HEDIMA to the interested party must include a photocopy, scanned copy of a valid identification document or electronic signature in order to identify the user, which may require information to confirm your identity if you do not provide it, unless we have the ability of not identifying the applicant with the data provided.

(According to the EU Regulation 2016/679 on Data Protection)

Responsible for the treatment

Hedima Group company issuer the training certificate and / or manager of the Training Plan of its employer.

Objectives of the treatment

  1. The management of the contractual relationship with suppliers and / or customers, including the management of the billing of the services and / or products provided and / or acquired by the external staff at the premises of the person in charge or, where appropriate, registration of visits.

  2. Coordination of business activities: the treatment of information related to certificates of abilities, adaptation of jobs and reports related to accidents of employees at work of external companies and location according to our Emergency and Evacuation Plan.

  3. Professional contact.

  4. The management of the rules and integrity policies within the companies of the Hedima Group in their relationships with customers and suppliers.

  5. The security of the installations through images captured by the video surveillance system in the facilities which have these devices.

  6. Approval of supplier’s verification and / or accreditation of rules by all of them.

Additional objectives

The sending commercial information, as long as you have given your consent to receiving communications from the Hedima Group companies in the training sector.

Legitimization and periods of conservation

Legal base for the treatment:

  1. Development, compliance and control of commercial relationships established with the customers.

  2. Management of the contractual relationship associated with the registration and participation in courses.

  3. Compliance with legal obligations: Insurance Contract Law and sector regulations in the field of application training.

  4. Legitimate interest of the responsible person for the development of business, control activities and public interest in maintaining the security of the facilities.

Except for the cases where willingness is manifested, the data is necessary for the purposes identified above and its absence implies that you cannot acquire the status of student.

The data will be kept as long as the contractual relationship with your company is maintained and once extinguished, during the prescribed period of prescription of the actions that result from application.

Recipients of cessions and international transfers

  1. Training entities for the teaching of courses, and training management companies, State Public Employment Service (SEPE), competent entities of the Autonomous Communities, European Social Fund or other co-financing entities of training actions, including health data for evaluation, monitoring and control of training actions, and management and processing of bonuses in Social Security contributions. It also gives consent for companies that provide training so as to they can communicate to their employer

  2. The data associated with the evaluation and use of the course will be communicated to your employer, in the event that the training is carried out within the framework of the management of your Training Plan or has been billed to the employer.

  3. Insurance companies, in the event that the training is carried out in HEDIMA facilities and it is required to communicate the circumstances and consequences of the incident with the purpose of processing and calculating the compensation that corresponds.

  4. Public Administrations (controls associated with training) in compliance with legal obligations.

  5. HEDIMA makes use of the Online Services for Microsoft Corporation companies with tools such as Office 365, constituting its use an international data transfer authorized by the AEPD on May 9, 2014 in order to comply with the reporting obligations in the Group companies and the regulatory compliance policies.

  6. Responsible for web analytics services: the Site has enabled Google Analytics services provided by Google LLC. Interaction with users through the use of this tool implies the international transfer of analytical and technical data in relation to the Page. The transfer is made under the EU US Privacy Shield agreement. – Information available at:

  7. Responsible for video services: the Site has enabled the video streaming services provided by Vimeo, Inc. Interaction with users through the use of this tool implies the international transfer of data. The transfer is made under the EU-US Privacy Shield agreement – Information available at:

HEDIMA adopts the necessary technical and organizational measures to guarantee the security of the personal data contained therein and to prevent its alteration, loss, treatment or unauthorized access, taking into account the state of the technology, the nature of the data and the risks to which they are exposed.

The Page has the SSL Certificate (Secure Socket Layer), in order to guarantee the security in the data transmission between your browser and our Page.

The safe server establishes a connection so that the information is transmitted encrypted, which ensures that it is only intelligible for the user's device and that of the Page. In this way, when using the SSL protocol it is guaranteed:

  1. That the user is communicating the data to the server center of the Page and not to any other.

  2. That between the user and the Page the data is transmitted encrypted, avoiding its possible reading or manipulation by third parties.

To verify that it is in a safe environment, the user should check that the address of the verification page begins with https://

You can also identify the page as safe when a lock icon appears in the address bar of your browser.

Finally, you can also verify the presence of the SSL certificate by checking the properties of the page in your browser for which you should check its characteristics.

Any changes made to the Privacy Policy and information management practices will be reflected in a timely way, and the entity may add, modify or eliminate the aforementioned privacy policy when estimated necessary.

Under any circumstances HEDIMA will modify the policies or practices to make them less effective in protecting the personal data of our clients or users previously stored, without their prior consent.