logo

PERSONAL DATA PROTECTION CLAUSE

DONOSTIA-SAN SEBASTIÁN, November 22, 2024

In compliance with the General Data Protection Regulation (EU Regulation 2016/679 - GDPR), the Organic Law on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), and other applicable European and international data protection regulations, we inform you that the data you provide us, as well as those obtained from legitimate public sources, will be processed according to the following terms:

Data Controller

  • Responsible Entity: NGS HEALTH AND MIND SL
  • Tax Identification Code: B75181743
  • Registered Office: PQ EMPRESARIAL ZUATZU EDIF EASO 4 LOC 1, 20018 DONOSTIA-SAN SEBASTIÁN (GIPUZKOA)
  • privacyPolicy.listItem1Subitem4

Processed Data

We process the following categories of data:

  • privacyPolicy.listItem2Subitem
    • Data provided directly by users through forms:
    • Name and surname.
    • Email address.
    • Contact information (phone and address, if applicable).
    • Additional information voluntarily provided in open fields.
  • privacyPolicy.listItem3Subitem
    • Names, surnames, and content of reviews or comments posted on online platforms, such as interactive digital maps and social networks, within the framework of voluntary and public opinions.

Note: Only publicly accessible personal data will be processed in accordance with Article 6(1)(f) of the GDPR, ensuring its use for legitimate and proportional purposes.

Purposes of Processing

The personal data collected will be processed for the following specific and clearly defined purposes:

  • To display your clinic interactively on online maps, ensuring the visualization of verified and authentic information.
  • Management of advertising campaigns and commercial prospecting: Personalization of content to enhance user experience and promote services related to affiliated clinics.
  • Guarantee of truthfulness and trust: Use of data from public reviews to support the credibility and legitimacy of the opinions presented on our portals.
  • Compliance with applicable legal and regulatory obligations.

Legal Basis for Data Processing

Data processing is carried out based on the following legal grounds:

  • Explicit consent: Granted by ticking the corresponding box in forms.
  • Legitimate interest: Processing data published on public platforms to improve the quality and reliability of the services offered.
  • Compliance with legal obligations: Related to applicable data protection regulations.

Data Retention Period

Data will be retained only for the time necessary to fulfill the purposes for which they were collected and while valid consent exists or an active contractual relationship is maintained. Once this period ends, data will be deleted or anonymized, unless a legal obligation requires otherwise.

Data Subject Rights

As a data subject, you have the right to:

  • Access: Confirm whether your data is being processed and access them.
  • Rectification: Correct inaccurate or incomplete data.
  • Deletion ('right to be forgotten'): Request the deletion of your data when they are no longer necessary or when you withdraw your consent.
  • Restriction of Processing: Restrict the use of your data under certain circumstances.
  • Portability: Receive your data in a structured and commonly used format, or transfer them to another controller.
  • Objection: Reject the processing of your data based on legitimate interests or for direct marketing purposes.
  • Withdrawal of Consent: Revoke your consent at any time without affecting the lawfulness of processing carried out previously.

To exercise these rights, send a request via:

privacyPolicy.exerciseRightsSubitem1

Postal Address: PQ EMPRESARIAL ZUATZU EDIF EASO 4 LOC 1, 20018 DONOSTIA-SAN SEBASTIÁN (GIPUZKOA).

Additionally, you have the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es) if you believe that the processing of your data violates current regulations.

Security and Confidentiality

NGS HEALTH AND MIND SL adopts advanced technical and organizational measures to protect your data against unauthorized access, loss, alteration, or disclosure. These measures include:

  • NGS HEALTH AND MIND SL adopts advanced technical and organizational measures to protect your data against unauthorized access, loss, alteration, or disclosure. These measures include:
  • Data encryption in transit and storage.
  • Strict access control.
  • Regular audits to ensure regulatory compliance.

Processing of Data from Public Sources

We comply with regulations governing the collection and use of personal data from public sources. Data obtained from reviews on online platforms are processed exclusively to:

  • We comply with regulations governing the collection and use of personal data from public sources. Data obtained from reviews on online platforms are processed exclusively to:
  • Validate the authenticity of shared opinions.
  • Ensure that the information displayed on our portals is accurate and reliable.

International Data Transfers

In the event that personal data must be transferred outside the European Economic Area (EEA), compliance with the GDPR will be ensured by applying appropriate safeguards such as standard contractual clauses, recognized certifications, or adequacy decisions.

Modifications to This Policy

This clause will be reviewed and updated periodically to ensure its compliance with applicable regulations. Any changes will be communicated to interested parties through our official channels.

NGS HEALTH AND MIND SL guarantees the maximum protection of your personal data, acting in accordance with the highest standards of privacy and security. If you have any questions or need additional clarifications, do not hesitate to contact us.