Policies

DATA PROTECTION AND PRIVACY POLICY

1.- Data Processing Controller
In accordance with the dispositions of EU Regulation 2016/679, concerning the protection of data of a personal nature of individuals (GDPR), we inform you that the personal information you provide will be duly registered and incorporated in the data processing systems which are the responsibility of:
Company Name: Euroespes S.A.
Trade Name: EuroEspes
Business Address: Santa Marta de Babio S/N – Bergondo, Corunna, Spain
Tax Identification Code: A15319452
Telephone: +34 981780505
Fax: +34 981780511
e-Mail: info@euroespes.com
Registered at the Companies Register of Corunna, Volume 855, General Section, Sheet 202, Page C-1635, Entry 1
Domain Name: euroespes.com
Contact details of the Data Controller: delegado@euroespes.com

2.- Right to Information
The Privacy Policy of EUROESPES, S.A. (hereinafter EUROESPES) is based on the approved EU Regulation 2016/679, concerning the protection of data of a personal nature of individuals, hereinafter GDPR, and on other current legal regulations, concerning the coverage given to the requirement of regulating the access, use and release of information regarding the healthcare, scientific and research services carried out by our establishment, likewise the training opportunities, events and employment offered by EUROESPES, whether via the website www.euroespes.es or via hard copy requests.

3.- What will your data be used for?
The purpose of the processing of the personal details you have provided to EUROESPES, via its different channels for the transfer or obtaining of personal data, will depend on the reason why you provided them to us:
– Processing of the details of the patients of EUROESPES, the purpose thereof being limited to the performance of observational clinical studies concerning diseases of the central nervous system and aging.

– Processing of the details of the patients of EUROESPES, the purpose thereof being limited to the management and processing of information concerning the analytical tests performed and genetic tests carried out in the course of medical services provided by EUROESPES, the issuing of medical reports containing results and treatment patterns, and the storage of biological samples derived from this type of analytical tests for the purpose of repeating tests and the preservation of surpluses for the purpose of biomedical research.

– Processing of the details of the patients of EUROESPES, the purpose thereof being limited to the management of the patients’ clinical history data and the performance of administrative tasks derived from the provision of healthcare.

– Processing of the details of suppliers, for the management of their contractual relationship with EUROESPES.

– Processing of the details of EUROESPES’ workforce, for the management of the payroll, human resources and personnel management.

– Processing of the details of candidates for a position at EUROESPES.

– Processing of details for the purpose of performing video surveillance and security measures at the access points of EUROESPES’ premises.

The personal details provided will be held while your relationship with EUROESPES lasts, and will be held thereafter in the cases where this is of importance for the health of the interested parties, or during the term established by legal order in each case. Likewise, we inform you that your personal data will not be used by EUROESPES for the preparation of commercial profiles. The processing of your personal information will be carried out lawfully, fairly, transparently, appropriately, relevantly, accurately and in a timely manner. To this end, EUROESPES undertakes to take all reasonable measures for their timely elimination or correction in the event of their being incorrect.

4.- Security Measures
Bearing in mind the state of the art, the implementation costs, and the nature, the scope, the context and the purpose described in section 3 of the present Privacy Policy; also the risks with a variable degree of probability and seriousness for the users’ rights and liberties, EUROESPES, in compliance with the dispositions of Article 32.1 of the GDPR, has enforced the appropriate technical and organizational measures to ensure a sufficient level of security; measures which in this case include, among others: ensuring the permanent confidentiality, integrity, availability and resilience of the processing systems and services, measures for restoring the availability of and rapid access to the personal details in the event of a physical or technical incident, and the implementation of a regular process for the verification, evaluation and assessment of the efficacy of the technical and organizational measures to ensure the safety of the treatment.
Likewise, our website employs information security technology as generally accepted in industry, such as firewalls, access control procedures and cryptographic mechanisms, in order to prevent unauthorized access to the data. To this end, the user accepts that the provider shall obtain data for the purpose of the corresponding authentication of access control.
Any contracting process, or process requiring the entering of high-level personal data (health, ideology, etc.) shall always be transferred via secure communication protocols (https://,…), in order that no third party shall have access to the electronically transmitted information.

5.- What is the legal standing for the processing of your data?
The legal basis for the processing of your personal data lies in i) your request and the contracting of EUROESPES’ medical services, ii) your consent to the holding of your data for investigational purposes, iii) the management of the request sent by you to EUROESPES, iv) your contractual relationship with EUROESPES, v) your consent to take part in the activities, training and events organized by our establishment, or vi) those situations under which the legitimization of the processing of your personal details by EUROESPES is decreed by law.
However, as will be stated below, you are entitled to exercise your right of opposition to the aforementioned processing, by following the instructions provided by EUROESPES for this purpose.

6.- Who will be the recipients of your data?
EUROESPES has no intention to carry out any transfer of the personal information contained in its processing systems to third parties, except in those cases where you have expressly authorized this, or where it is required or permitted by law. In this case, EUROESPES undertakes, where applicable, to notify all users beforehand of the identity of the receiving body, and of the purpose justifying the same, in order to request your consent. You are also informed that your personal information may be accessed by institutions or persons alien to EUROESPES in those cases where it is necessary for the provision to EUROESPES of a professional service. In this last case, said transfer of or access to information will be carried out subject to the signing of a contract for the provision of services under the terms and conditions included in article 28 of the GDPR. In this regard, it is not foreseen that EUROESPES will carry out any international transfers including your personal information; however, should such transfers arise, and more specifically, to destinations or countries considered insecure from the point of view of data protection standards, where the regulations do not offer the same level of guarantee of your rights and liberties as the regulations in effect in the European Economic Area, EUROESPES will take all the technical, organizational and security measures demanded by the GDPR.

7.- What are your rights when you provide us with your data?
You have the right to access your personal details, and to request the correction of incorrect data, or where applicable, to request their elimination when, among other reasons, the data are no longer required for the purposes for which they were collected. You may request the limitation of the processing of your data, in which case EUROESPES will hold them solely for the filing of or defense against possible claims. Likewise, you may oppose the processing of your data, in which case EUROESPES will cease to process the same, unless it is not possible to comply with your opposition request due to legal reasons or reasons of defense against possible claims. You may also request the portability of your data.
To exercise your rights, you may go in person to EUROESPES’ facility and ask Reception for the appropriate form, or if you prefer, you may send a request in writing entitled “Exercise of the right to …………………..” to the following address: Santa Marta de Babio S/N – Bergondo, Corunna, Spain. In all cases, please remember to attach a copy of your Identity Document.
Likewise, in compliance with the dispositions of the GDPR, you are informed that if you wish, you may consult the Spanish Agency for Data Protection (http://www.agpd.es/portalwebAGPD/index-ides-idphp.php) for further information on your rights and/or to lodge a claim when your rights have not been duly complied with.
EUROESPES reserves the right to modify the present Data Protection and Privacy Policy in accordance with the regulatory modifications that may arise, and with the doctrinal procedures established by the Spanish Agency for Data Protection. Said modifications will be duly included on the present website in order to inform registered users thereof, and those interested in EUROESPES’ services and activities, of the same.
EUROESPES will process your personal data with the utmost confidentiality, and will not use the same for any purpose that may be different from or incompatible with those described in the present communication without requesting your prior consent.
Likewise, the user may cancel his/her subscription to any of the services provided by clicking on the section “Unsubscribe from all e-mail communications sent by EUROESPES”.