PRIVACY POLICY
1. Object
This Privacy Policy aims to make known the way in which we collect, process and protect the personal data that you as a User have provided to us, through our website or blog (hereinafter Website) and freely decide if you want us to let’s treat them.
Likewise, it aims to comply with the General Regulation for the protection of personal data 2016/679 (hereinafter RGPD) and Organic Law 3/2018 on the protection of personal data and guarantee of digital rights (hereinafter, LOPDGDD).
2. Identification of the Data Controller
| Identity | |
| CIF/NIF | |
| Address | |
| Phone | |
| Company purpose | |
| Website | https://www.physiomri.com/ |
| Registration data |
3. Processing of personal data
The personal identification and contact data that you provide us through our contact forms, email, etc., will be treated confidentially and only by personnel authorized by our entity.
All categories and types of personal data processed will be duly identified in the corresponding processing activities owned by our entity.
4. Purpose
In general, the processing of personal data carried out by our entity has the purpose of maintaining the relationship with different groups of people, such as our clients, suppliers, our staff, job applicants, users of our website/blog or networks. social and interested parties in general who contact our entity through our web forms, email, telephone or in person.
Depending on this relationship, the processing of your data obeys different purposes since it may be to respond to requests for information, complaints, claims and others that the interested parties proactively send us, also to comply with our contractual, commercial, legal obligations or for the attention to the exercise of rights.
If you are a Client, your personal data will be processed for the sole purpose of maintaining the business, contractual or commercial relationship, whether for the provision of services, for accounting and billing management, or other purposes to which we are obliged. to comply with said relationship and the laws that we must comply with.
If you are a Potential Client or an Information Requestor, we will process your data exclusively to respond to your requests, including in our response commercial information related to your request.
We do not send advertising without the prior consent of the interested parties, except to our clients and always about services or products related to those already provided or acquired.
If you are a job applicant, we will process your data to include you in our selection processes and job pool.
If you are a supplier, your personal data will be processed for the sole purpose of maintaining the commercial relationship, whether for the provision of services, for accounting management, as well as for other purposes to which we are obliged to fulfill said relationship and with the laws to which we are subject.
Data can also be processed for different purposes by accepting the installation of our cookies. For more information visit our Cookies Policy .
The purposes that motivate the processing of personal data will be duly identified in the corresponding processing activities owned by our entity.
5. Legitimation
The processing of your personal data by our entity is carried out with the following legitimizing bases:
to. Your express, free, informed and unequivocal consent, since we inform you of this privacy policy that after reading it and agreeing, you can voluntarily authorize us to process your data by checking the boxes provided for this purpose in our forms.
In this regard, we inform you that at any time you can change your mind and withdraw your consent by contacting our postal address or by email.
b. Compliance with the commercial or contractual relationship with you, if you are a client, supplier or part of our staff.
c. Comply with our legal obligations and our legitimate interests.
In the event that the user is under 14 years of age, it will be necessary to have the consent of the parents, guardians or legal representative to process their data.
The user is solely responsible for the veracity of the data they send us.
6. Data retention
The personal data provided will be kept for the time necessary to fulfill the purpose for which it is collected, for the time required by law and as long as it is necessary to resolve possible responsibilities arising from the processing mentioned in the purposes.
In the case of job applications, they will be kept for a maximum period of 1 year or until the interested party asks us to delete their data.
7. Profiling
We do not create profiles using your personal data, but if we do so you will be informed and request prior permission to do so.
Likewise, you have the right to object to this type of processing at any time.
8. Data transfer
As a general rule, our entity does not transfer personal data to third parties, although there may be cases where this is necessary:
If you are a client or supplier, your personal data may be transferred to third parties by legal obligation (eg Tax Agency), or in those cases and entities necessary to provide you with our services or pay invoices (eg banking entities).
Likewise, your personal data as a client or supplier may be processed by certain suppliers to whom we delegate some of our obligations (eg accounting advisors). All of them have committed, through a data processor contract, to comply with the same security measures implemented by our entity, as well as to submit to the duty of secrecy and confidentiality regarding the personal data processed, among other protection obligations. of personal data.
If you are a job applicant, your data may be transferred to other companies in our group, although we will request your authorization to do so.
If you are a requester of information or a user of our website, your data will not be transferred to third parties, unless we are legally obliged to do so.
In the event of transfers to other entities or other countries outside the EEA, we will inform you and request your prior and express consent.
9. Security Measures
Our entity has implemented all the necessary technical and organizational measures to protect the personal data processed, preventing its loss, theft or unauthorized use.
These measures have been created based on the type of data processed and the purposes that motivate said processing. These are periodically verified in our internal controls for compliance with personal data protection regulations and through external audits.
10. Rights of interested parties
You have the right to know if our entity is processing your personal data; Therefore, you have the right to access your data, rectify it if it is inaccurate or request its deletion when the data is no longer necessary, whenever legally possible.
You can also exercise your right of opposition, limitation or portability if you deem it appropriate, you may even revoke your consent and to exercise your rights you must do so in writing to info@physiomri.com, attaching a copy of your ID or equivalent document to provide us with Your ID.
If the person who wishes to exercise their rights is under 14 years of age, they may do so through their parents, guardians or legal representative.
We inform you that you have the right to make a claim before the Spanish Data Protection Agency at: C/ Jorge Juan, 6, 28001 Madrid or at www.aepd.es.
11. Commitment to the Protection of personal data
Area of application
Our commitment to the protection of personal data will be mandatory for all departments, employees of our entity and those who act on our behalf.
Object
We have established action protocols for the processing of personal data, in accordance with the provisions of European and Spanish data protection regulations.
Beginning
Legality, Loyalty, Transparency, Minimization of data, Accuracy, Limitation of the retention period, Integrity, Confidentiality and Active responsibility.
Special category of data
The processing of personal data that reveals ethnic or racial origin, political opinions, religious or philosophical convictions, trade union membership, the processing of genetic or biometric data, data relating to health or data relating to sexual orientation is prohibited. except in legally authorized exceptions and with the prior consent of the interested party.
Rights of interested parties
The interested parties will enjoy the right of access to their personal data, as well as to rectify them when they are inaccurate, delete them when they are no longer necessary or their processing is not desired, limit them to certain treatments, have the possibility of receiving their data easily and in formats. structured and in common use by the person responsible, as well as that your data is used for profiling and to oppose processing at any time.
Record of Activities, Impact Assessment and Security Measures
Our entity will carry out a record of the processing activities and will analyze the purposes of the processing, categories of interested parties and data, recipients, international transfers, retention periods, etc., to evaluate the risks of the processing and implement security measures. necessary security to guarantee the confidentiality, integrity and availability of personal data.
Likewise, we have analyzed the need to prepare an Impact Assessment and appoint a Data Protection Officer, establishing, if necessary, that the person designated for this position has sufficient knowledge and experience in accordance with the provisions of current regulations.
Control
Likewise, we have external consultants who monitor any publication made by the competent control bodies and other European and Spanish entities related to the Data Protection Regulations, in order to comply with these regulations at all times.
12. Update of this Policy
Our entity reserves the right to modify this Policy without prior notice. That is why we recommend consulting it every time you visit our website.