PRIVACY POLICY
Data controller
In accordance with the provisions of Regulation (EU) 2016/679 on the protection of personal data of natural persons (RGPD), we inform you that the personal information you provide will be duly registered and incorporated into the data processing systems under the responsibility of:
Company Name: Euroespes S.A.
Commercial Name: EuroEspes S.A.
Registered Address: Santa Marta de Babio S/N - Bergondo (A Coruña)
CIF / NIF: A15319452
Telephone: 981780505
Fax: 981780511
e-Mail: info@euroespes.com
Registered in the Register: R.M. de La Coruña, Tomo 855, Sección General, Folio 202, Hoja C-1635, Inscripción 1ª
Domain name: euroespes.com
Contact details of the Data Protection Delegate: delegado@euroespes.com
Right to information
The Privacy Policy of EUROESPES S.A. (hereinafter EUROESPES), is based, among other current legal regulations, on the approval of Regulation (EU) 2016/679 on the protection of personal data of natural persons, hereinafter RGPD, as well as to cover the need to regulate access, use and participation of medical, scientific and research services developed by our institution, as well as training opportunities, events and employment offered by EUROESPES either through the website www.euroespes.es or through paper applications.
For what purpose will your data be processed?
The purpose of the processing of the personal data that you have provided to EUROESPES through its different channels of communication or collection of personal data will depend on the reason for which you have provided them to us:
- Processing of EUROESPES patients' data, the purpose of which is limited to the performance of observational clinical studies in relation to diseases of the central nervous system and ageing.
- Processing of EUROESPES patient data, the purpose of which is limited to the management and processing of information relating to the analytical tests performed and genetic tests carried out as part of the medical services provided by EUROESPES, as well as the issuing of medical reports on results and treatment guidelines, and the storage of biological samples from this type of analytical tests for repeat tests and the conservation of surplus data for biomedical research purposes.
- Processing of EUROESPES patient data, the purpose of which is limited to the management of patient medical history data and the performance of administrative tasks arising from the provision of care.
- Processing of suppliers' data for the management of their contractual relationship with EUROESPES
- Processing of EUROESPES employees' data for payroll, human resources and personnel management purposes.
- Processing of data of candidates applying for a job at EUROESPES.
- Processing of data for the purpose of carrying out video surveillance and security work at the access points to the EUROESPES facilities.
The personal data provided will be kept for the duration of your relationship with EUROESPES, and will be kept beyond this period in cases where it is relevant to the health of the interested parties, or for the period of time established by law in each case. Likewise, we inform you that your personal data will not be used by EUROESPES for the elaboration of commercial profiles. The processing of your personal information will be carried out in a lawful, fair, transparent, adequate, relevant, limited, accurate and up-to-date manner. EUROESPES therefore undertakes to take all reasonable measures to ensure that such data is deleted or rectified without delay when it is inaccurate.
Security measures
Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purpose described in point 3 of these privacy terms, as well as the risks of varying likelihood and severity to the rights and freedoms of users, EUROESPES, in compliance with the provisions of 32.1. of the GDPR, has implemented appropriate technical and organisational measures to ensure an adequate level of security, which where appropriate includes, among others: measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, measures to restore availability and access to personal data promptly in the event of a physical or technical incident and the implementation of a process of regular verification, evaluation and assessment of the effectiveness of technical and organisational measures to ensure the security of the processing.
Our website also uses industry-accepted information security techniques, such as firewalls, access control procedures and cryptographic mechanisms, in order to prevent unauthorised access to data. To achieve these purposes, the user/customer agrees that the provider obtains data for the purposes of authentication of access controls.
Any contracting process or process that involves the introduction of highly personal data (health, ideology,...) will always be transmitted by means of a secure communication protocol (Https://,...), so that no third party has access to the information transmitted electronically.
What is the legitimacy for the processing of your data?
The legal basis for the processing of your personal data lies in i) your request and contracting of medical services from EUROESPES, ii) your consent to have your data for research purposes, iii) the management of the request that in each case you have sent to EUROESPES, iv) your contractual relationship with EUROESPES, v) your consent to participate in activities and trainings and events organised by our institution, or vi) those situations in which the legitimacy for the processing of your personal data by EUROESPES is provided by a law.
However, as will be explained below, you have the right to exercise your right to object to the processing described above by following the instructions provided by EUROESPES for this purpose.
To which recipients will your data be communicated?
EUROESPES does not intend to make any assignment or transfer to third parties of the personal information held in its processing systems, except in those cases where you expressly authorise it or where it is required or permitted by law. In such cases, EUROESPES undertakes, where appropriate, to previously inform all users of the identity of the transferee entity, as well as the purpose of the transfer in order to obtain their consent. You are also informed that your personal information may be accessed by entities or persons outside EUROESPES, in those cases in which it is necessary for the provision of a professional service to EUROESPES. In the latter case, such transfer or access of information will be carried out under the signature of a contract for the provision of services under the terms and conditions set out in article 28 of the GDPR. In this regard, it is not foreseen that EUROESPES will carry out international transfers in which your personal information is included; however, in the event that such transfers were to materialise, and more specifically to destinations or countries that are not secure from the point of view of data protection regulations, where such regulations are not as protective of your rights and freedoms as the regulations applicable to the European Economic Area, EUROESPES will adopt all the technical, organisational and security measures imposed by the RGPD.
What are your rights when you provide us with your data?
You have the right to access your personal data, as well as to request the rectification of inaccurate data or, where appropriate, request deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected. You may request the limitation of the processing of your data, in which case, EUROESPES will only keep them for the exercise or defence of claims. Likewise, you may object to the processing of your data, in which case, EUROESPES will stop processing them, unless for legitimate reasons or for reasons of defence against possible claims, EUROESPES cannot accede to your request for opposition. Likewise, you may request the portability of your data.
To exercise these rights, you may go in person to the EUROESPES facilities to request the form provided for this purpose at the reception of the Centre, or if you prefer, you may send a written request yourself with the title: "Exercise of the right of: ............................................ "to the address: Santa Marta de Babio S/N - Bergondo (A Coruña). In all cases, please remember to attach a copy of your National Identity Document.
Likewise, in compliance with the provisions of the RGPD, you are informed that if you so wish, you may go to the Spanish Data Protection Agency (http://www.agpd.es/portalwebAGPD/index-ides-idphp.php) to obtain additional information about your rights and/or to file a complaint when your rights have not been duly addressed.
EUROESPES reserves the right to modify this Privacy and Data Protection Policy in accordance with any changes in regulations that may occur, as well as the doctrinal guidelines set out by the Spanish Data Protection Agency. All of which will be duly modified on this website in order to inform all registered users or those interested in the services and activities of EUROESPES.
EUROESPES will treat your personal information with complete confidentiality, and will not use it for purposes other than those described in this notice without first requesting your consent.
Similarly, the user may unsubscribe from any of the subscription services provided by clicking on the unsubscribe section of all emails sent by EUROESPES.