Privacy Policy
1. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA.
a. Contact details of the data controller:
i. Full Name: CASE ON IT, S.L. (hereinafter, ‘the Entity’)
ii. Registered office: Calle Fuencarral 123, 4º Planta, CP 28010, Madrid, España.
iii. VAT: B87126249.
b. Privacy Coordinator's contact details: you can contact via email: privacy@medux.com
Case On It operates in the market under the brand name MedUX. You can contact us through the contact details on our website.
2.SCOPE OF THE POLICY
When you access and use this website, participate in any activity organised by us, or use any other means that involves the processing of personal data, you agree to accept this Privacy Policy, as well as the provisions contained in the Legal Notice and the Cookies Policy.
At the Entity we provide you with information so that, prior to filling in your personal data, you can access the Privacy Policy and any other relevant information of interest to you regarding Data Protection.
This Privacy Policy may be modified by the owner of the website when necessary, but we will communicate it to you through the website or by other means so that you can be aware of it and continue to use our ‘Services’.
Your continued use of our Services after we have informed you of such modifications will imply your agreement to such modifications, except in those cases where express consent is required, which will be duly requested.
FUNDAMENTAL PRINCIPLES
3. FUNDAMENTAL PRINCIPLES
- We will never ask for personal information unless it is actually needed to provide the services that are required.
- We will never share users' personal information with anyone, except as provided in this Privacy Policy, to comply with the law or with your express permission.
- We never use your personal information for any purpose other than that expressed in this privacy policy.
4. FOR WHAT PURPOSE DO WE USE YOUR PERSONAL DATA?
The Entity may process the personal data collected from this website for the following purposes:
- Registration and management of distribution lists: Manage the personal data of users who register through the forms available on the website. Their data will be processed in order to administer the registration process, keep distribution lists updated, and facilitate the documentation requested by the user.
- Sending information about products and services: Manage the personal data of users to send them, especially via email, relevant information about products and services that may be of interest to them. This includes communications about news, offers, and promotions related to the Entity's products and services. Additionally, we will use your information to keep you informed about events and activities that may be of interest to you.
- Customer satisfaction: Manage the personal data of users to improve customer satisfaction. Their data will be processed in order to send them information about events and to conduct surveys about our products and services. This will allow us to better understand your preferences and needs, and thus improve our offerings and services.
- Handling requests: Manage the personal data of users to address their requests for contact and/or information. Their data will be processed to provide answers to their inquiries, doubts, or comments, ensuring that they receive the attention they need.
5. WITH WHOM DO WE SHARE YOUR DATA?
As a general rule, we do not disclose your personal information to third parties without your permission, except in the following situations:
- Collaboration with External Service Providers: The Entity may share data with external entities to process transactions, deliver products, or provide services related to the website. These providers may perform tasks on behalf of the Entity, such as those mentioned above.
These providers have strictly limited access to the personal data necessary to perform their tasks and are not authorized to use them for other purposes. They must comply with the guidelines of this Privacy Notice and the laws and regulations in force regarding data protection. - Disclosure for Legal Requirements: The Entity may transfer and disclose users' personal data to third parties:
a. To comply with legal obligations.
b. When it is believed in good faith that an applicable law requires it.
c. At the request of government authorities in ongoing investigations.
d. To verify or enforce the "Terms of Use" or other relevant policies.
e. To detect and protect against fraud, technical or security vulnerabilities.
f. To respond to emergency situations; or
g. To protect the rights, property, safety, or protection of third parties, visitors to the Entity's website, the Entity, or the general public.
3. In no case your personal data are shared with third party companies without obtaining your prior consent.
6. WHERE DO THE PERSONAL DATA WE PROCESS COME FROM?
The data that the Entity processes as a result of the interactions made by the user through our website or by other means come from the following sources:
- Data provided by the user by completing the forms made available by the Entity, or that the user authorizes social networks to provide to the Entity when using social connectors to register, by completing the spaces provided for participation in promotions managed by the Entity, by sending emails or by any other means through which the user communicates with the Entity.
- Data generated as a result of the user's browsing and use of the Entity's web pages.
- Data generated as a result of the development, processing, and maintenance of the relationship established between the user and the Entity.
- Third-party data provided by the user.
- Data obtained from external sources (e.g., social networks, etc.).
- Data collected during the conduct of surveys.
- Data collected during the purchase of products and services.
The Entity may process personal data of the following types, depending on the relationship established with the user:
- Identification data (e.g., name and surname, email, postal address, phone, etc.).
- Browsing and location data (e.g., interactions with the website, pages visited, products viewed, etc.).
- Device information (e.g., information about the device you use to access the website, including IP address, device type, web browser, operating system, etc.).
7. WHAT IS THE LEGAL BASIS THAT LEGITIMIZES THE PROCESSING OF YOUR PERSONAL INFORMATION?
The Entity processes the personal data provided by users of its websites according to the following legal bases, depending on the type of data provided by the user and the interactions the user has with the Entity:
- The processing of your data for the purpose of "Registration and management of distribution lists" is based on the user's consent by providing their personal data through the forms available on the website. This allows us to administer the registration process, keep the distribution lists updated, and facilitate the documentation requested by the user.
- The processing of your personal data for the purpose of "Sending information about products and services" is based on the user's consent and the execution of the contractual relationship. By giving us your prior consent, we manage your data to send you, especially via email, relevant information about products and services that may be of interest to you, including communications about news, offers, and promotions related to the Entity's products and services.
- The processing of your personal data for the purpose of "Customer satisfaction" is based on the user's consent. This allows us to send you information about events and conduct surveys about our products and services, with the aim of better understanding your preferences and needs, and thus improving our offerings and services.
- The processing of your personal data for the purpose of "Handling requests" is based on the execution of the contractual relationship and/or the legitimate interest of the Data Controller. This allows us to manage your data to provide quick and effective responses to your inquiries, doubts, or comments, ensuring that you receive the attention you need.
8. HOW LONG WILL WE RETAIN YOUR PERSONAL INFORMATION?
The retention period of personal data will depend on the product or service the user enjoys or contracts. In any case, your data will be retained for the duration of the commercial or contractual relationship. Once this relationship has ended, we will keep your data blocked for the prescription periods of the obligations derived from the processing and/or the applicable legal deadlines, remaining available to the competent authorities to address possible responsibilities derived from the processing.
By way of example and not limitation, we indicate some of the retention periods:
- We will process the personal data of visitors who make inquiries, request information, demonstrations, quotes, submit complaints and claims, as well as people registered for our events, for the time necessary to attend and respond to the reason for their contact and/or registration with us. Additionally, we will keep your data blocked for the prescription periods of the obligations arising from the data processing, remaining available to the competent authorities to address possible responsibilities derived from the processing.
- We will process the personal data of users who receive our commercial communications until they decide to unsubscribe or cancel the subscription. All our commercial communications by electronic means allow you to opt out of receiving further emails. Once you decide to unsubscribe, we will proceed to delete your data from our systems immediately, unless there is a legal obligation that requires its retention for an additional period.
- The Entity will retain your personal data processed as a result of browsing the Website, as long as you do not revoke your consent for it, as provided in our Cookie Policy and, in any case, for a period of 1 year.
9. HOW CAN YOU EXERCISE YOUR RIGHTS?
As the holder of the rights to your personal information, you have control over this data. This also ensures that the information is accurate and truthful.
The rights you can exercise are:
- Right of Access: You can consult whether we are processing personal data concerning you at the Entity.
- Right of Rectification and Deletion: You can access your personal information and request the rectification or deletion of your data when they are inaccurate or you consider that they are no longer necessary for the purposes for which they were collected.
- Right to Object: You can object to the processing of your data, unless, for compelling legitimate reasons, or in the exercise or defense of possible claims, we keep them duly blocked during the corresponding periods as long as the legal obligations persist.
- Right to Restrict Processing: You can request the restriction of the processing of your personal information while the accuracy or legality of your data is being verified, during the exercise or defense of possible claims or litigations.
- Right to Data Portability: You can request the portability of the data you have provided to another data controller, under certain circumstances.
You can exercise your rights at no cost.
How can you file a complaint with the Supervisory Authority?
If a user believes there is a problem with the way the Entity is handling their data, they can direct their complaints to the Privacy Coordinator (privacy@medux.com) or to the relevant data protection supervisory authority, with the Spanish Data Protection Agency being the indicated one in the case of Spain.
10. SECURITY
The Entity maintains the highest levels of security required by law to protect your personal data against accidental loss and unauthorized access, processing, or disclosure, taking into account the state of technology, the nature of the data stored, and the risks to which they are exposed. When we receive your data, we use strict procedures and security features to prevent any unauthorized access.
The actions described in this section and aimed at ensuring an adequate level of security for the detected risk will include, if necessary, the following measures:
- Pseudonymization and encryption of personal data.
- Measures capable of ensuring the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
- Measures capable of restoring the availability and access to personal data quickly in the event of a physical or technical incident.
- Existence of a process for regular verification, evaluation, and assessment of the effectiveness of technical and organizational measures to ensure the security of processing.
- Periodic assessment of the risk of accidental or unlawful destruction, loss, alteration of transmitted, stored, or otherwise processed personal data, or unauthorized communication or access to such data.
- Measures to ensure that any person acting under the authority of the Entity who has access to personal data can only process such data following instructions from the Entity.
11. CONFIDENTIALITY
The personal data that may be collected will be treated with absolute confidentiality, committing to secrecy regarding them and guaranteeing the duty to keep them by adopting all necessary measures to prevent their alteration, loss, processing, or unauthorized access, in accordance with the applicable legislation.
12. ACCEPTANCE AND CONSENT
The user declares to have been informed of the conditions regarding the protection of personal data, accepting and consenting to the processing thereof by the Entity in the manner and for the purposes indicated in this privacy policy.
13. CHANGES TO THE PRIVACY POLICY
The Entity reserves the right to modify this policy to adapt it to legislative or jurisprudential developments, as well as to industry practices and the company's own activities. In such cases, the Entity will announce on this page the changes introduced with reasonable notice before their implementation.
14. RESPONSIBILITY
The user will be solely responsible for completing forms or any forms of communication with the Entity with false, inaccurate, incomplete, or outdated data.
15. COOKIES
Our website uses “cookies" to collect information about how the website is used. If you want more detailed information about how the Entity uses cookies, please refer to the Cookie Policy.
16. TRANSFERS OF DATA TO THIRD COUNTRIES
If we collaborate with providers who may have access to your data and who will process such data on behalf of and on account of the Entity, a thorough compliance verification process will be followed to ensure adequate control in data protection matters. Additionally, we will ensure those providers process personal data in accordance with applicable legislation and to, provide adequate guarantees and protect at all times the access that such third parties may have to your data.
© August 2024 (V.1)- CASE ON IT, S.L.
All rights reserved