1. Right to information
2. Who is responsible for the processing of personal data?
Euromedice, Ediciones Médicas, S.L. Passeig de Gràcia 101, 1º 3ª Barcelona.
3. For what purpose will we process personal data?
We will process the users of our applications’ personal data in order to meet the requests for information and/or queries made through the application, process the registration and enable the application to work, send communications about services and events related to our activity, unless this is otherwise indicated, opposed, or consent is revoked.
4. How long will we keep personal data?
In accordance with the regulations in force, personal data will be kept for a period of six (6) years and, if necessary, for ten (10) years pursuant to the regulations for the prevention of money laundering.
In any case, Euromedice, Ediciones Médicas, S.L. will keep the personal data as long as it is necessary for the provision or contractual relationship, unless deletion is requested of us. Likewise, personal data will be kept for the period of time necessary to comply with the corresponding legal obligations for each type of data.
5. What is the lawful basis for the processing of personal data?
The legal basis for data processing is mutual interest and the consent of the user.
6. To whom will personal data be communicated?
Personal data may only be communicated to group organisations or those linked to Euromedice, Ediciones Médicas, S.L. in the field of the management of its services, as well as to competent Public Administrations when required by current regulations.
Employees of Euromedice, Ediciones Médicas, S.L. who have authorised access rights in accordance with the internal security structure of the company will be able to access personal data for the purposes described in this data protection policy. All employees of Euromedice, Ediciones Médicas, S.L. have been trained and informed of their responsibilities in this regard and have signed a confidentiality agreement. Likewise, personal data may be accessed by third party organisations whose intervention is required and necessary for the proper management of service provision.
Euromedice, Ediciones Médicas, S.L. has established a contract or contractual agreements and security measures with third parties to guarantee a suitable level of security and protection of personal data.
7. What are your rights in relation to personal data?
Before Euromedice, Ediciones Médicas, S.L. you may exercise your rights of access, rectification, deletion, limitation of treatment, portability of data, opposition and not to be subject to automated individual decisions, including the development of profiles. Similarly, in the processing of data whose lawfulness is based on your consent you have the right to withdraw such consent at any time, without it affecting the legality of the processing based on the consent prior to its withdrawal.
8. Which personal data is stored?
The basic identification and relationship data for the submission of proposals, information or creation of invoices are kept, such as names and surnames, addresses, NIF [Spanish Individual Tax ID no.]/CIF [Spanish Company Tax ID no.] or account number.
9. What is the policy around data storage/availability/backups and its location?
No information is deleted unless the deletion is requested by the user and this deletion is compliant (see point 3). It is always available, even though it may be blocked from sending marketing and commercial information if the rights of withdrawal, limitation or opposition to treatment have been exercised by the user.
Backup copies are made of the servers that contain data, which are duly controlled and guarded.
10. What is the privacy and security policy of the data and of the access to it?
Access to the database is protected by username and password.
In the case of an authorised remote access, this is done using the VPN protocol.
11. What is the response policy to security incidents and account analysis?
Euromedice, Ediciones Médicas, S.L. has adopted appropriate technical and organisational protection measures, and these measures have been applied to the data affected by the potential violation of the security of personal data. Access to personal data is not possible for people who are not authorised to access them. Euromedice, Ediciones Médicas, S.L. has carried out and maintained an analysis of the vulnerability risks of personal data and its impact, if applicable, on the security and privacy of user data.
12. What is the erasure policy in the event of service termination?
Euromedice, Ediciones Médicas, S.L. deactivates the accounts of users who decide to unsubscribe and who have exercised their right to deletion in their information-sending databases. In this case, the user’s data will be blocked and maintained for the time required by regulations and will be used exclusively for compliance with legal obligations.
13. Who is our data protection officer?
According to current legislation, Euromedice, Ediciones Médicas, S.L. does not have the legal obligation to designate a DPO (data protection officer).
You can contact our data protection officer at email@example.com.
In the event that Euromedice, Ediciones Médicas, S.L. identifies a security breach of personal data that compromises one or more of its users, these users will be notified as soon as possible about this. If the risk and violation is significant, the competent authority will also be notified.
14. Consent of the user
The sending of personal data through the use of digital or paper forms from Euromedice, Ediciones Médicas, S.L. or, as the case may be, emails or other similar means assumes the user’s express consent to the processing of their personal data included in the means of communication related to Euromedice, Ediciones Médicas, S.L. However, you may revoke this consent at any time through the rights described above in point 7 of this privacy and data protection policy.