|RESPONSIBLE||Cirumed Clinic SL|
|PURPOSES||Provision of online services Management of web users
Commercial communications related to our services
|LEGITIMATION||Express consent and legitimate interest|
|RECIPIENTS||No data is transferred to third parties, except legal obligation|
|RIGHTS||Access, rectify and delete the data, as well as other rights, as explained in the Additional Information|
|ADDITIONAL INFORMATION||You can consult the additional and detailed information on Data Protection in the attached clauses found at https://cirumed.es/english/data-protection-policy/|
At Cirumed Clinic SL we work to offer you the best possible experience through our products and services. In some cases, it is necessary to collect information to achieve this. We care about your privacy and believe we should be transparent about it.
For this reason, and for the purposes of the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL 27th of April, 2016 (hereinafter, “GDPR”) regarding the protection of natural persons with regard to the treatment of personal data and the free circulation of these data, and LAW 34/2002, 11th of July, on Services of the Information Society and Electronic Commerce (hereinafter, “LSSI”), Cirumed Clinic SL informs the user who, as data controller, will incorporate the personal data provided by users in an automated file.
Our commitment begins by explaining the following:
Your data is collected so that the user experience improves, according to your interests and needs. We are transparent about what data we collect about you and why we do so. Our intention is to offer you the best possible experience.
Therefore, when we are going to use your personal information, we will always do so in compliance with the regulations, and when necessary, we will request your consent. We understand that your data belongs to you. Therefore, if you decide not to authorize us to process them, you can ask us to stop processing them.
Our priority is to guarantee your security and treat your data in accordance with European regulations.
Who is responsible for the processing of your personal data?
Identity: Cirumed Clinic SL
Registered office: Crta. Cadiz km185, Panorama Building ground floor, local 2
CIF No.: B92890672 Email: email@example.com
Registry data: Malaga Mercantile Registry, Volume 4414, Book 3323, Folio 45, Registry Sheet 94468.
Cirumed Clinic SL has appointed a Data Protection Officer or an internal contact person within its organisation. If you wish to make a query regarding the processing of your personal data, you can contact him by email at firstname.lastname@example.org
The personal data that the user can provide:
Name, address, and date of birth.
Telephone number and email address.
Information regarding payments and refunds.
IP address, date, and time you accessed our services, internet browser you use and data about the device’s operating system.
Any other information or data you choose to share with us.
In some cases, the completion of the registration form is mandatory to access and enjoy certain services offered on the web; Likewise, not providing the requested personal data or not accepting this data protection policy means that it is impossible to subscribe, register or participate in any of the promotions in which personal data is requested.
Why and for what do we treat your data?
At Cirumed Clinic SL we treat the information provided by interested persons with the following purposes:
Manage orders or contract any of our services, either online or in physical stores. Manage the sending of the information that you request.
Develop commercial actions and carry out the maintenance and management of the relationship with the user, as well as the management of the services offered through the website and information tasks, being able to carry out automatic evaluations, obtaining profiles and customer segmentation tasks in order to personalize the treatment according to their characteristics and needs and improve the customer’s online experience.
Develop and manage contests, raffles or other promotional activities that may be organised.
In some cases it will be necessary to provide information to the Authorities or third-party companies for audit reasons, as well as to handle personal data from invoices, contracts and documents to respond to claims from clients or Public Administrations.
We inform you that the personal data obtained as a result of your registration as a user will form part of the Registry of Treatment Activities and Operations (RAT), which will be updated periodically in accordance with the provisions of the RGPD.
What is the legitimacy for the treatment of your data?
- The treatment of your data can be based on the following legal bases:
- Consent of the interested party for the contracting of services and products, for contact forms, requests for information or registration in e-newsletters.
- Legitimate interest for the processing of our clients’ data in direct marketing actions and express consent of the interested party for everything related to automatic evaluations and profiling.
- Compliance with legal obligations to prevent fraud, communication with public authorities and third-party claims.
How long do we keep your data?
The processing of the data for the purposes described will be maintained for the time necessary to fulfill the purpose of its collection (for example, while the business relationship lasts), as well as for compliance with the legal obligations arising
from the processing of the data.
To which recipients are your data communicated?
In some cases, only when necessary, Cirumed Clinic SL will provide user data to third parties. However, the data will never be sold to third parties. External service providers (for example, payment providers or delivery companies) with whom Cirumed Clinic SL works may use the data to provide the corresponding services, however, they will not use said
information for their own purposes or for transfer to third parties.
Cirumed Clinic SL tries to guarantee the security of personal data when they are sent outside the company and ensures that third-party service providers respect confidentiality and have adequate measures to protect personal data. These third parties have the obligation to guarantee that the information is treated in accordance with the data privacy
In some cases, the law may require that personal data be disclosed to public bodies or other parties, only what is strictly necessary for the fulfillment of said legal obligations will be disclosed.
The personal data obtained may also be shared with other group companies.
Where is your data stored?
In general, the data is stored within the EU. The data that is sent to third parties that do not belong to the EU, we will ensure that they offer a sufficient level of protection, either because they have Binding Corporate Rules (BCR) or because they have adhered to the “Privacy Shield”.
What rights do you have and how can you exercise them?
You can direct your communications and exercise your rights through a request to the following email: email@example.com.
By virtue of what the RGPD establishes, you can request:
Right of access: you can request information about the personal data that we have about you. Right of rectification: you can communicate any change in your personal data.
Right of deletion and to be forgotten you can request the deletion after blocking personal data. Right of limitation to treatment implies the restriction of the treatment of personal data.
Right of opposition: you can withdraw your consent to the processing of the data, opposing their further processing.
Right to portability: in some cases, you can request a copy of the personal data in a structured, commonly used and machine-readable format for transmission to another controller.
Right not to be the subject of individualised decisions: you can request that decisions not be made based solely on automated processing, including profiling, that produces legal effects or significantly affects the interested party.
In some cases, the request may be denied if you request that data necessary to comply with legal obligations be deleted.
In addition, if you have any complaint about the processing of data, you can file a claim with the data protection authority.
Who is responsible for the accuracy and authenticity of the data provided?
The user is solely responsible for the authencticity and correctness of the data included, exonerating Cirumed Clinic SL from any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide
complete and correct information in the registration or subscription form. Cirumed Clinic SL reserves the right to terminate the contracted services that have been held with users, in the event that the data provided is false, incomplete, inaccurate or out of date.
Cirumed Clinic SL is not responsible for the veracity of the information that is not of its own elaboration and for which another source is indicated, for which reason it does not assume any responsibility for hypothetical damages that may arise from the use of said information.
Cirumed Clinic SL reserves the right to update, modify or delete the information contained in its web pages and may even limit or deny access to said information. Cirumed Clinic SL is exonerated from liability for any damage or harm that the user may suffer as a result of errors, defects or omissions in the information provided by Cirumed Clinic SL whenever it
comes from sources other than Cirumed Clinic SL.
Likewise, the user certifies that he is over 14 years of age and that he has the necessary legal capacity to provide consent regarding the processing of his personal data.
How do we treat the personal data of minors?
In principle, our services are not specifically aimed at minors. However, in the event that any of them is addressed to children under fourteen years of age, in accordance with article 8 of the RGPD and article 7 of LO3/2018, 5th of December (LOPDGDD), Cirumed Clinic SL will demand the valid, free, unequivocal, specific and informed consent of
their legal guardians to process the personal data of minors. In this case, the DNI or other form of identification of the person giving the consent will be required.
In the case of people over fourteen years of age, the data may be processed with the consent of the user, except in those cases in which the Law requires the assistance of the holders of parental authority or guardianship.
What security measures do we apply to protect your personal data?
Cirumed Clinic SL has adopted the legally required Personal Data protection security levels and tries to install those other means and additional technical measures within its reach to prevent the loss, misuse, alteration, unauthorised access and theft of Personal Data. provided to Cirumed Clinic SL.
Cirumed Clinic SL is not responsible for hypothetical damages or losses that may arise from interference, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, caused by causes beyond Cirumed Clinic SL; of delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties. people through illegitimate
interference outside the control of Cirumed Clinic SL. However, the user must be aware that security measures on the Internet are not impregnable.
Links to other websites
will the information obtained by them be associated with personal data or data that can identify the user.
However, if the user does not want cookies to be installed on his hard drive, he has the possibility of configuring the browser in such a way that it prevents the installation of these files. For more information see our Cookies Policy https://cirumed.es/english/cookies-policy/