Hospital Perpetuo Socorro

PRIVACY POLICY – ADDTIONAL INFORMATION

 

This Privacy Policy is part of the General Terms and Conditions governing this website.

Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council regarding the protection of personal data (General Data Protection Regulation (GDPR)), and also, in accordance with the current state regulations regarding this matter, we inform you of the following:

Who is responsible for the processing of your data?
CLINICA DE URGENCIA DE NUESTRA SEÑORA DEL PERPETUO SOCORRO L.P.G.C., S.L.
[Spanish] National Tax ID no.: B35003482
Business address: C/ León y Castillo, nº 407, 35007, Las Palmas de G.C., Las Palmas, España [Spain].
Telephone no.: 928 499 900
Email: atencionusuario@hpshospitales.com
Contact information of our Data Protection Officer: dpd@hpshospitales.com

You can contact us by any means.

We reserve our right to modify or adapt this Privacy Policy at any time. We recommend you review it from time to time.

If you belong to any of the following groups, please check the drop-down information:

+ PATIENTS
For what purposes do we process your personal data?
• To provide medical and health services.
• To provide you with information regarding the results of your clinical analyses and any other medical test
• To monitor access, visits and stays in our facilities.
• For administrative management.

What is the lawful basis for the processing of your data?
The legal basis to process your medical and health data is contained in [Spanish] Law 41/2002 on Patient Autonomy of 14 November 2002 “Law on the autonomy of patients and the rights and obligations with regard to clinical information and documentation” [Ley de Autonomía del paciente y Derechos y Obligaciones en materia de información y documentación clínica]. The legal basis is also the execution of a contract for the provision of medical and health services.

Compliance with a legal obligation

In the context of Health and Tax inspections, access to health data by the competent authorities is protected by Royal Legislative Decree 8/2015, of 30 October 2015, which approves the consolidated text of the Social Security Act [Ley General de la Seguridad Social], and also by General Law 33/2011, of 4 October 2011, on Public Health [Ley General de la Salud Pública] and General Law 14/1986, of 25 April 1986, on Healthcare [Ley General de Sanidad].

Likewise, the access by duly authorised health staff, and as part of their inspection tasks is protected by Law 41/2002 on Patient Autonomy [Ley de Autonomía del Paciente].
For how long will we store your personal data?
We inform you that pursuant to article 17 of Law 41/2002, any clinical documentation will be stored at least 5 years starting from the start date of each health care process and during the period that a judge or court may require.

To which recipients will your data be communicated?
We inform you that your data will be communicated to the Regional Health Service and the entities collaborating with the [Spanish] Social Security service which have a legal obligation to access the data for the adequate provision of the medical and health assistance.

If said health assistance is provided on the basis of agreements with insurance companies or under policies or coverages of which you, as the patient, are the beneficiary, the COMPANY may provide information of the services rendered, including personal data, requested by the insurance companies or the companies covering the assistance provided, as such data is essential for said coverage and its billing.
Also, in those cases when, on account of your treatment, the use of a prosthesis or some other specific surgical material is necessary, your personal data may be communicated to the providers, only and exclusively, for that purpose.

+ WEB CONTACTS, EMAIL CONTACTS AND PRIOR APPOINTMENTS
What data do we collect through our website?
We can anonymously process your IP address, the operating system or browser you use and even how long your visit lasted.
If you provide data in our contact form, it will be identified so as to contact you, where necessary.

For what purposes do we process your personal data?
• To answer your queries, applications or requests.
• To manage the service requested, answer your enquiries or process your request.
• For information by electronic means regarding your request.
• For business or event information by electronic means, providing that there is express authorisation.
• To carry out analysis and improvements in our website, about our products and services. To improve our business strategy.

What is the lawful basis for the processing of your data?
The acceptance and consent of the data subject: in those cases where in order to make a request it is necessary to fill out a form and click the send button, filling out such form will necessarily entail that you have been informed and have given your express consent to the content of the clause appended to said form or the acceptance of the privacy policy.
All our forms have the * symbol for compulsory data. If information is not provided in those fields, or the checkbox to accept the privacy policy is not ticked, the submission of the information shall not be allowed. Usually, the following formula is used: “□ I have read and I accept the Privacy Policy.”

+ NEWSLETTER CONTACTS
What data do we collect through our newsletter?
In our website, you can subscribe to our Newsletter by providing an email address to which the newsletter will be sent.
We shall store only your email in our database and we shall then send you emails regularly, until you request to unsubscribe or we stop sending emails.
You will always have the option to unsubscribe in any communication.

For what purposes do we process your personal data?
• To manage the service requested.
• For information by electronic means regarding your request.
• For business or event information by electronic means, providing that there is express authorisation.
• To carry out analysis and improvements in mailing distribution, to improve our business strategy.

What is the lawful basis for the processing of your data?
The acceptance and consent of the data subject: in cases where you subscribe, it will be necessary to tick a checkbox and click the send button. This will necessarily entail that you have been informed and have given your express consent to receive the newsletter.
If the checkbox to accept the privacy policy is not ticked, the submission of the information shall not be allowed. Usually, the following formula is used: “□ I have read and I accept the Privacy Policy.”

+ WIFI USERS
What data do we collect through this service?
We can process your assigned IP address, connection sessions, visited pages, the operating system and browser you use and the duration of the connection.

For what purposes do we process your personal data?
• To offer you the WiFi service requested.

What is the lawful basis for the processing of your data?
The acceptance and consent of the data subject: you must fill out the corresponding form to be able to access the service. All our forms have the * symbol for compulsory data. If information is not provided in those fields, or the checkbox to accept the privacy policy is not ticked, access to the service shall not be allowed. Usually, the following formula is used: “□ I have read and I accept the Privacy Policy.”

+ CLIENTS
For what purposes do we process your personal data?
• To issue a price quote and do a follow-up through communications between both parties.
• For information by electronic means regarding your request.
• For business or event information by electronic means, providing that there is express authorisation.
• To manage administrative, communication and logistics services carried out by the responsible officer.
• For billing and the appropriate tax returns.
• To carry out the corresponding transactions.
• For control and collection management.

+ QUALITY SURVEYS
For what purposes do we process your personal data?
• To assess the quality level of the service rendered.
• To improve the services offered, in virtue of quality compliance.

What is the lawful basis for the processing of your data?
The legal basis is the express consent of respondents.

+ PROVIDERS
For what purposes do we process your personal data?
• For information by electronic means regarding your request.
• For business or event information by electronic means, providing that there is express authorisation.
• To manage administrative, communication and logistics services carried out by the responsible officer.
• To carry out the corresponding transactions.
• For billing and the appropriate tax returns.
• For control and collection management.

What is the lawful basis for the processing of your data?
The legal basis is the acceptance of a contractual relationship, or, in its absence, your consent when you contact us, or when you offer your products to us in any way.

+ SOCIAL NETWORK CONTACTS
For what purposes do we process your personal data?
• To answer your queries, applications or requests.
• To manage the service requested, answer your enquiries or process your request.
• To build a relationship with you and create a community of followers.

What is the lawful basis for the processing of your data?
The acceptance of a contractual relationship within the corresponding social network environment, and in accordance with their Privacy Policies:
Facebook http://www.facebook.com/policy.php?ref=pf
Instagram https://help.instagram.com/155833707900388
Twitter http://twitter.com/privacy
Linkedin http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
Flickr https://policies.oath.com/ie/es/oath/privacy/products/flickr/index.html
Vimeo https://vimeo.com/privacy
Google* http://www.google.com/intl/es/policies/privacy/
*(Google+ and Youtube)

For how long will we store your personal data?
We can only access your data or have your data removed to a limited extent as you have a specific profile. We will process them for as long as you allow it, by following us in the respective social networks, by adding us as friends or clicking “like”, “follow” or similar buttons.

Any correction of your data or the limitation of information or posts must be done through the settings of your profile or user within the social network itself.

+ JOB SEEKERS
For what purposes do we process your personal data?
• To organise selection processes to hire employees.
• To schedule a job interview with you and to evaluate your application.
• If you have given us your consent, we may transfer your data to collaborating or related entities, with the sole purpose of helping you find a job.

For how long will we store your personal data?
Additionally, we inform you that after one year from the receipt of your Curriculum Vitae (CV), we will destroy it in a secure manner.

What is the lawful basis for the processing of your data?
The legal basis is your unambiguous consent when you send us your CV.

————————————-

Do we include personal data from third parties?
No, as a general rule we only process data provided by their holders. If you provide us with data from third parties, you must previously inform and ask for the consent of said parties, otherwise, we shall not be held liable for not complying with this requirement.

And what about data concerning minors?
We do not process the personal data of children under the age of 14 without the authorisation of their father, mother or legal guardian. Therefore, please refrain from providing data if you are not that age or, if applicable, from providing third-party data if they are not that age. CLINICA DE URGENCIA DE NUESTRA SEÑORA DEL PERPETUO SOCORRO L.P.G.C., S.L. shall not be held liable for not complying with this provision.

Will we contact you by electronic means?
Only to manage your request, providing that is one of the means of contact provided by you.

If we send business communications, they will have been previously and expressly authorised by you.

What security measures do we apply?
You can rest assured: we have adopted an optimal level of protection for the personal data that we handle, and we have installed all the technical means and measures at our disposal according to the state of technology to prevent the loss, misuse, alteration, unauthorised access and theft of the Personal Data.

To which recipients will your data be communicated?
Your data shall not be transferred to third parties, unless there is a legal obligation to do so. In particular, they shall be communicated to the national tax administration agency [Agencia Estatal de la Administración Tributaria] as well as to banks and financial institutions to collect the payment for the service rendered or the product purchased, and to the officers responsible for the processing necessary for the execution of the agreement.

In case a purchase or payment is made, if you choose an application, website, platform, bank card, or any other online service, your data shall be shared with such platforms or it shall be processed in their environment, always with the maximum security.

When we ask them so, our web development and maintenance company or the hosting company shall have access to our website. They will have signed a contract for the provision of services binding them to keep the same level of privacy as we do.

If you are a patient, we may communicate your data to the Regional Health Service and the entities collaborating with the [Spanish] Social Security service under obligation by law. Also, to the insurance companies that you have hired. You can find more information under the “Patients” section.

Any international data transfer when using North American applications is protected by the Privacy Shield agreement, guaranteeing that North American software companies comply with European data protection policies regarding privacy.

What rights do you have?
• To know whether we are processing your data or not.
• To access your personal data.
• To request the correction of your data, if it is inaccurate.
• To request the deletion of your data if it is no longer necessary for the purposes for which it was collected or if you withdraw the consent given.
• To request the limitation of the processing of your data, in some cases, in that case we shall only store it as established in the current legislation.
• To the portability of your data. You shall receive it in a structured, commonly used and machine-readable format. If you prefer, we can send it to the new data controller appointed by you. This is only valid in certain cases.
• To file a claim with the Spanish Data Protection Agency or the competent Supervisory Authority, if you believe we have not provided you with an adequate service.
• To withdraw your consent for any treatment you consented to, at any time.

If you modify any data, we should be grateful if you would inform us so as to keep them updated.

Do you want a form to exercise your rights?
We have forms for the exercise of your rights. You may request them by sending an email to atencionusuario@hpshosptiales.com or, if you prefer, you can use the ones created by the Spanish Data Protection Agency or by third parties. Said forms must be electronically signed or be accompanied by a photocopy of your National Identification Card.

If you have a representative, he/she must attach a copy of his/her National Identification Card or sign the document with his/her electronic signature.

Forms may be submitted in person, sent by post or by email, to the address of the Data Controller specified at the beginning of this text.

How long do we take to reply to the exercise of your rights?
It depends on the right, but within one month at the most after we receive your request, or two months if the issue is very complex. We will notify you if we need more time.

Do we handle cookies?
You may check our cookies policy in the corresponding link from our website homepage.

For how long will we store your personal data?
Personal data shall be kept for as long as you are associated with us.

Once you end that association, the personal data processed for each of the purposes shall be kept for the periods of time legally established, including the period during which a judge or court may require them according to the statute of limitations.

The data processed shall be stored provided that the legal limitation periods above-mentioned have not passed, if there is legal obligation to store it, or when no legal limitation period exists, until the data subject requests its deletion or withdraws the consent given.

We shall store all the information and communications regarding the provision of our service while the guarantees of said services last, in order to deal with potential claims.