In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereafter, “GDPR”), we inform you of our data protection policy.
1. Data Controller Details
|Company Name:||MEDICA SCIENTIA INNOVATION RESEARCH, SL (“MedSIR”)|
|Postal address:||Rambla de Catalunya, 2, 2D, 08007 Barcelona|
|Telephone:||+ 34 932 214 135|
|Contact details of the Data Protection Officer (DPO):||email@example.com|
2. Purpose, lawfulness of processing and storage period of the data
The purpose of the processing of your data is to manage the contractual relationship that links us with the company in which you provide your services, and MEDICA SCIENTIA INNOVATION RESEARCH, SL (hereafter, “MedSIR”) is lawfully entitled to do so for the satisfaction of its legitimate interests, that is, for the management of the aforementioned contractual relationship.
In the event that MedSIR processes your personal data for a purpose other than that stated in this document, MedSIR will inform you prior to processing of the purpose of the processing and will provide you with any additional information relevant to the applicable law, as well as request your consent, if applicable, if such consent is necessary to justify the lawful processing.
The personal data provided will be stored for the duration of the contractual relationship with your company. We also inform you that, apart from the aforementioned period, we will keep your data during the mandatory periods of limitation in order to comply with our legal obligations, for the management of our rights (to file or defend, where appropriate, a claim), also applying the provisions of the corporate regulations relating to the periods of filing and retention of documentation.
3. Recipients of the personal data
We inform you that your data will not be communicated to third parties.
MedSIR, in certain cases, may communicate your data to other entities with which, in its capacity as Data Processors of the data owned by MedSIR and in accordance with the provisions of Article 28 of the GDPR, it has signed into a contract that legitimizes the access of such entities to personal data, and which includes the obligations to be contemplated in the processing.
The transfer of your data to companies of the MedSIR Group, as well as access to your data by Data Processors, may necessarily involve the international transfer of data which, in any event, will be carried out on the basis of an adequacy decision (third country guaranteeing an adequate level of protection) or by means of appropriate safeguards (standard data protection clauses, binding corporate rules). This information is available to data subjects, who may request a copy by e-mail to the contact address of the Data Protection Officer.
4. Data subjects’ rights
Finally, we inform you that you have the right to obtain confirmation as to whether or not MedSIR is processing your personal data. You also have the right to access your personal data, as well as the right to request the rectification of inaccurate data or, where appropriate, to request its erasure when, among other reasons, that data are no longer necessary for the purposes for which they were collected.
In certain circumstances, you may: (i) request a restriction on the processing of your personal data, in which case we will only retain it for the purpose of filing or defending claims; (ii) for reasons related to your particular situation, you may object to the processing of your data, in which case MedSIR will cease to process them except for compelling legitimate reasons, or to exercise or defence of any claims; and, if you have given your consent for a particular purpose, (iii) you consent may be withdrawn at any time, and this shall not affect the lawfulness of the processing based on the consent prior to its withdrawal.
You also have the right to receive personal data which concerns you, and which you have provided to MedSIR, in a structured, commonly used and machine-readable format, and to transmit that data to another controller without hindrance from MedSIR. In this regard, you may request MedSIR to transmit your personal data directly, if technically feasible, to the new Data Controller indicated in your communication.
Finally, we inform you that you may exercise your rights by sending a digitally signed request (electronic ID card or other recognized certificate) to MedSIR via e-mail to firstname.lastname@example.org, or through written communication addressed to MedSIR, with domicile for this purposes at Rambla Catalunya, 2-4, 2D, 08007 Barcelona (Ref. DPO).
The content of the application must include: your name and surname; a photocopy of your national identity card, passport or other valid document identifying you and, if necessary, the person representing you, as well as the electronic document or instrument accrediting such representation; detail of the request made; address for service; date and signature of the applicant; and supporting documents for the request you make, if necessary.
Additional information about your rights can be found at https://www.aepd.es/reglamento/derechos/index.html.
If you consider that the processing of personal data concerning you infringes applicable legislation, or you are simply not satisfied with the exercise of your rights, you have the right to file a complaint before the Spanish Data Protection Agency, by any of the following means: (i) by calling +34 901 100 099, or +34 912 663 517; (ii) by electronic means, by visiting the website https://sedeagpd.gob.es/sede-electronica-web; (iii) in person, at calle Jorge Juan, 6, 28001 Madrid.