Privacy

Published:  June 14, 2023  

BASIC INFORMATION ON DATA PROTECTION 

Responsible for data processing: 3DHealthAI, S.L. with CIF B-40644445 (hereinafter 3DHealthAI). 

Purpose of data processing: To provide information about the services provided by 3DHealthAI, to provide resources related to the brand’s activity and to attend user requests. 

Legitimacy of data processing: The processing is based on the consent of the data subject when entering their data on the website. 

Recipients of assignments or transfers of data: They will only be provided in order to fulfill the purposes that motivated the user to provide them and to comply with legal obligations. 

Rights of data subjects: Access, rectification, cancellation, opposition, revocation and limitation. 

Origin of the data: Introduction through the web forms. 

Additional information: You can complete this information on our website. 

PRIVACY POLICY

Our processes and policies are adapted to the European Personal Data Protection Regulation.
Therefore, any user who enters their data in one of the forms on our website, has the option to mark expressly, freely, unequivocally and specifically that they accept the privacy policy of the website.  

What information do we want to communicate to you? 

1.- WHO IS RESPONSIBLE FOR THE TREATMENT OF YOUR DATA? 
2. WHAT DATA ARE WE GOING TO COLLECT AND FOR WHAT PURPOSE?  
3. HOW LONG WILL WE KEEP YOUR DATA? 
4. WHAT IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA? 
5.- WHAT SECURITY MEASURES ARE IMPLEMENTED TO PROTECT MY DATA? 
6. WILL YOUR DATA BE COMMUNICATED TO OTHER RECIPIENTS? 
7. WHAT RIGHTS DO YOU HAVE WHEN YOU PROVIDE US WITH YOUR DATA? 
8. HOW CAN I EXERCISE MY RIGHTS? 
9. LINKS TO OTHER WEBSITES  
10. COOKIES 

1. WHO IS RESPONSIBLE FOR YOUR DATA PROCESSING?

Identity: 3DHealthAI SL CIF B-40644445 (in the legal texts, 3DHealthAI) 
Postal address: Polígono Industrial Los Vientos, Calle Levante S/N 

E-mail: [email protected] 

 2. WHAT DATA DO WE COLLECT AND FOR WHAT PURPOSE?

Through the website inuba.com we collect the following data: 

Contact data of those users who request information about iNuba and want to receive information about our services and proposals. 

We also process data in order to provide you with periodic information (newsletter) of interest about what we do. 

We also provide free downloadable resources. 

Finally, it is possible that we link events of interest or even manage and disseminate them, so you can probably access your registration through our links or even in some cases we can carry out the management directly. 

In other cases, the management process is carried out through event management platforms. 

We inform you that once collected, your data are processed and become part of our databases, being processed for the purposes described above.

3.HOW LONG WILL WE KEEP YOUR DATA?

Personal data collected through the website forms will be kept for the period necessary to fulfill the purposes for which the information has been provided. Once these purposes have been fulfilled, they may be kept for a period of 4 years for statistical, administrative and commercial purposes of the entity. If the data have been provided in order to be provided with certain services, they will be kept while the relationship of provision of the same is maintained and once elapsed, for the time legally established for this purpose.

4. WHAT IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA?

Legally we can process the data that we request from you after you have provided us with your consent to do so by expressly expressing it by checking the box I have read and accept the privacy policy of the forms on our website, or by any mechanism that we can make available to you and that unequivocally indicates your consent (unequivocal opt-in verification, signature of event attendees, mobile application download, body scan, etc.). In other cases, the legitimacy will come from the legal obligation to process and maintain such data (e.g., for the purpose of fulfilling accounting and tax obligations, etc.).

5.- WHAT SECURITY MEASURES ARE IMPLEMENTED TO PROTECT MY DATA?  

The collection of personal data through the forms inserted on the inuba.com website is carried out in a secure environment as we use the SSL cryptographic protocol which means that communications between the server and the client are transmitted encrypted. The web pages that use this protocol start with https, if a cyber-attack were to occur, only an encrypted data flow would be obtained.

Additionally, all applications or systems that make use of Health Connect are protected against unauthorized or unlawful access, destruction, loss, alteration, or disclosure. We implement robust encryption and access control mechanisms to safeguard sensitive data.

Google Health Connect Integration

Our privacy policy also adheres to the specific requirements of the Google Health Connect platform, according to the following principles:

  1. Transparency and Control: We clearly explain what data is collected, why it is collected, and how it is used. We also provide users with control over their data, allowing them to manage and delete their information.
  2. Access and Permissions: We only request access to the data necessary to provide the primary functionalities of our application or service. We do not request permissions that are not critical to our product’s functionality.
  3. Data Security: We implement robust security measures, including encrypting data both in transit and at rest, to protect users’ sensitive information.
  4. Limited Use of Data: We commit to using users’ data only to provide and improve our services and not for prohibited purposes such as selling data to third parties or using it for advertising.
  5. Legal Compliance: We comply with all applicable laws and regulations and maintain security practices in line with recognized standards such as ISO/IEC 27001.

User Rights and Choices:

Users have rights over their information, including the right to access, rectify, delete, and limit the use of their data. To exercise these rights, users can contact us at [email protected].

Data Usage Statement:

The use of information received from Google Health Connect APIs will adhere to the Google Health Connect and User Data Policy, including the Limited Use requirements.

6. IS YOUR DATA TRANSMITTED TO OTHER RECIPIENTS?

The data you enter on the website will not be communicated to other entities, except by law or in order to comply with the purpose for which they were provided.

In order to carry out the management of registrations and communication with users, we use ActiveCampaign, an American company adhered to the Privacy Shield by which they accredit a level of security and protection similar to those to be implemented in the EU to protect personal data. In addition, the company provides on its website the EU Standard Contractual Clauses (the “SCC”), which in general were confirmed by the CJEU, for its execution.

Possible changes in the recipients will be communicated/published, keeping this information updated and available to users.

7. WHAT RIGHTS DO YOU HAVE WHEN YOU PROVIDE US WITH YOUR DATA?

They are the following: 

Right to information: you have the right to be clearly informed BEFORE your data is collected about what data of yours is being processed, for what purpose it is processed, where they have obtained the data and whether they are going to communicate it or have communicated it to someone. 

Right of access: to know which of your data are being processed, for what purpose they are processed, where they have obtained the data and if they are going to communicate them or have communicated them to someone else. 

Right of rectification: to modify your inaccurate or incomplete data. 

Right of cancellation: to cancel your inadequate or excessive data. 

Right of opposition: to prevent your data from being processed or to stop them from being processed, but only in the cases established by law. 

Right to limitation of processing: to request the suspension of data processing in the cases provided for by law. 

Right to data portability: to be able to receive your data provided in a structured and commonly used electronic format and to be able to transmit it to another data controller. 

Right not to be subject to individualized decisions: so that no decision is made about you that produces legal effects or affects you based solely on the processing of your data.

8. HOW CAN I EXERCISE MY RIGHTS?

To exercise any of your rights you must request it to the email [email protected] It will be necessary that you attach: 

1.- Photocopy of your ID card (passport or other identity document) or electronic signature. 
2.- Content of the request you are making and, if necessary, the documents that prove it. 
3.- Address (for notification purposes), date and signature. 

If you exercise your rights by an expressly appointed representative, you must provide the document or electronic instrument proving the representation. 

In the event that the owner of the data is a minor or incapacitated, the rights will be exercised by his or her duly accredited legal representative. 

We will take care to respond to your request within the legally established deadlines and in the most appropriate manner. In any case, you can go to the Personal Data Protection Agency in defense of your legitimate interests.

9. LINKS TO OTHER WEBSITES 

This privacy policy only applies to personal data collected through our website but, as it contains links to other sites, you should be aware that by clicking on one of these links you are leaving our website, so you should read the privacy policies of those other websites that collect personal data, as 3DHealthAI is not responsible for the privacy practices of those other websites. 

If you want more information, the Spanish Data Protection Agency has published a citizen’s guide, you can access here.