PRIVACY POLICY
1. Identification of the Data Controller
CLÍNICA MARTÍNEZ CANUT, S.L.P. is the DATA CONTROLLER for the personal data of the USER and informs that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of April 27 (GDPR) and Organic Law 3/2018 of December 5 (LOPDGDD).
You can contact the Data Controller through the email address contact@perioproject.com.
The address for claims will correspond to the one indicated as the Owner's address.
2. Purposes of the Processing
a) Respond to the questions that the interested party sends to the Controller.
Retention period: Data will be kept until the issue raised by the interested party is resolved. Subsequently, if necessary, the information will be kept blocked for the legally established periods.
Legal basis: Legitimate Interest of the Controller and Consent of the Interested Party.
b) Manage the subscription of the interested party to their Customer or User account, as well as access to the services and functionalities of our Customers/Users.
Retention period: Data will be kept as long as the interested party does not revoke the consent given. Subsequently, if necessary, the information will be kept blocked for the legally established periods.
Legal basis: Consent of the interested party.
Process the purchases made by the user through the website.
Retention period: Data will be processed as long as there is an interest on the part of the interested party, based on the contractual relationship when contracting the hosting service. Subsequently, if necessary, the information will be kept blocked for the legally established periods.
Legal basis: Contractual relationship.
Send commercial communications to the interested party about our services that may be of interest to them (newsletter).
Retention period: Data will be kept as long as the interested party does not revoke the consent given. Subsequently, if necessary, the information will be kept blocked for the legally established periods.
Legal basis: Express consent of the interested party.
3. Recipients of your Data
The Controller contracts with third-party data processors to provide its services. With the exception of these entities, your data will not be communicated to other third parties. If for any reason it is necessary to communicate this data to third parties, you will be informed in advance, and, if necessary, your consent will be requested, specifying the purposes of the communication and the identity of the third party to whom they will be communicated.
All of this, except in cases where a legal requirement obliges the communication of such data to a third party.
4. Rights
Individuals who provide us with their data have the following rights in relation to them:
- Right of access
- Right of rectification or deletion
- Right to limit processing
- Right to portability
- Right of opposition
- Right to revoke consent
a) Right of access
Anyone has the right to obtain confirmation from the Controller as to whether personal data concerning them is being processed and, if so, the right of access to the personal data.
b) Right of rectification
It is the right to obtain the rectification of personal data that we have and that concern you.
c) Right of deletion
It is the right to obtain the deletion of your personal data.
d) Right to limit processing
It is the right for your data to cease to be the subject of the corresponding processing operations when one of the following conditions is met:
- When you have exercised the rights of rectification or opposition and the Controller is in the process of determining whether the request should be granted.
- If the data processing is illegal, which implies the deletion of the data, but you do not want your data to be deleted by the Controller.
- When the data is no longer necessary for processing, it implies the deletion of the data, but you want the Controller to limit their processing and keep them for the purpose of formulating, exercising, or defending claims.
e) Right to portability
It is the right to obtain from the Controller, in the case of automated processing of your data, a copy of these in a structured, common, and machine-readable format or for that copy to be transmitted directly to the Controller you indicate. Please note that this right will not apply to:
- Data of third parties that you have provided to the Controller.
- Data that concerns you but has been provided to the Controller by third parties.
f) Right of opposition
It is the right to object to the processing of your personal data. Regarding the processing carried out by the Controller, you may object to the sending of commercial communications, both its own and those of third parties.
If you want more information about your rights, we suggest you visit the website of the Spanish Data Protection Agency, as well as the European Data Protection Regulation.
The exercise of these rights can be carried out by sending an email to contact@perioproject.com, clearly indicating which right you want to exercise and providing a copy of your identity document to prove your identification. You can also contact through postal mail to the social address of the Controller indicated in point 1 of this Privacy Policy.
Additionally, we inform you about the possibility of filing a complaint with the competent Control Authority, in this case, the Spanish Data Protection Agency, especially if you have not obtained satisfaction in the exercise of your rights. You can contact the Spanish Data Protection Agency through their phones 901 100 099 and 912 663 517 or by visiting them at their address C/ Jorge Juan, 6. 28001 – Madrid.
5. Security Measures
The Controller guarantees the user that the processing carried out complies with all the provisions of the aforementioned data protection regulations, GDPR, and LOPDGDD, and that the data is processed in a lawful, fair, and transparent manner in relation to the data subject and is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
Likewise, the Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of USERS and has provided them with the appropriate information so that they can exercise them.
The Controller wishes to clarify that it will not process or store data or information about its patients or the results of tests carried out by them.
6. Origin and Accuracy of the Data
All the data collected come from the interested party. The User, by accepting this Privacy Policy, declares and undertakes to guarantee the truthfulness and accuracy of the data provided, as well as to be the legitimate owner of them.
Likewise, the User undertakes to keep their data updated at all times and to promptly communicate to the Controller any significant changes, such as the change of ownership of their bank account or the modification of their email account provided through the relevant forms on the website.
In this sense, the User will be solely responsible for the breach of the provisions mentioned above, releasing the Controller from any responsibility regarding data that the User has not previously communicated to them.