Basic information on Data Protection
Responsible	Alberto Sureda Puigsegur DNI: 46.064.909-A C/ Sancho d’Ávila, no. 180, 08018, Barcelona
Contact	Loss: 931 246 823
DPD	info@somsalut.com
Purpose	Inquiries and requests for information from patients and third parties: Respond to the request raised.
Legitimation	Inquiries and requests for information from patients and third parties: legitimate interest to attend to the interested party in response to emails received.
Conservation	The information requested from the interested person will be kept as long as it is necessary to fulfill the purpose for which the personal data were collected, so that, once the purpose has been fulfilled, the data will be cancelled. This cancellation will lead to the blocking of the data, keeping it only at the disposal of the AAPP, judges and courts, to attend to the possible responsibilities arising from the treatment, during the period of prescription of these, once the aforementioned period has been met, the destruction of information. The second information layer details the retention periods of information in relation to different subjects. See more information in the second informative layer, below.
Provenance	Inquiries and requests for information from patients and third parties: the interested party himself or the legal representative.
Recipients	This data will be processed by “SomSalut”. We share your data with service providers who help or support us (processors), with whom the mandatory contract has been concluded under the terms of Article 28 of the RGPD.
International transfers	We do not perform international transfers with your data.
Rights	Access, rectification, opposition, deletion, limitation of processing and portability of personal data, as explained in the corresponding section.
Additional information	You can consult the additional and detailed information on Data Protection in the breakdown of sections presented below (second information layer).

General information

The purpose of this Privacy Policy is to make known the conditions that govern the collection and processing of your personal data by our entity to ensure fundamental rights, your honor and freedoms, all this in compliance with current regulations which regulate the Protection of Personal Data: Regulation 2016/679, of the European Parliament and of the Council, of April 27, 2016, relating to the protection of natural persons with regard to the processing of personal data and the circulation of these data, (hereinafter RGPD); and Organic Law 3/2018, of December 5, on Protection of Personal Data and guarantee of digital rights (from now on LOPD GDD).

In accordance with these regulations, we need to have your authorization and consent for the collection and processing of your personal data, so below, we indicate all the details of your interest regarding how we carry out these processes, with what purposes, what other entities might have access to your data and what your rights are.

Responsible Who is responsible for the processing of your data?

The Data Controller is that natural or legal person, of a public or private nature, or administrative body, who alone or jointly with others determines the purposes and means of personal data processing.

We inform you that Alberto Sureda Puigsegur (hereinafter “SomSalut”) is the owner of the website somsalut.com, with DNI: 46.064.909-A and address C/ Sancho d’Ávila, no. 180, 08018, Barcelona. You can contact by email info@somsalut.com or by phone at 931 246 823.

The personal data requested, if applicable, will consist solely of those strictly essential to identify and attend to the request made by the person holding them, hereinafter the interested party. This information will be treated in a loyal, lawful and transparent manner in relation to the interested party. On the other hand, personal data will be collected for specific explicit and legitimate purposes, and will not be subsequently processed in a manner incompatible with these purposes.

The data collected from each interested party will be adequate, relevant and not excessive in relation to the corresponding purposes for each case, and will be updated whenever necessary.

The person holding the data will be informed, prior to the collection of their data, of the general terms regulated in this policy so that they can provide express, precise and unequivocal consent to the processing of their data, if this was necessary and in accordance with the following aspects.

Purpose For what purpose do we process your personal data?

The personal information you provide to us through e-mails will be kept confidential and protected. In no case will it be allocated or used for other purposes, nor will it be given to third parties without their consent, in accordance with the principles of RGPD 679/2016 and LO 3/2018. To comply with the different legal provisions, we have established different levels of security to protect the personal data that you provide us, having adopted all the technical measures at our disposal to avoid the loss, misuse, alteration, unauthorized access and manipulation of this data personal

Below, we detail the intended uses and purposes:

Inquiries and requests for information from patients and third parties: Respond to the request raised.

Legitimation What is the legitimation for the processing of your data?

The collection and processing of your data is always justified by one or more legal bases, which we detail below:

Inquiries and requests for information from patients and third parties: legitimate interest to attend to the interested party in response to emails received.

Conservation How long will we keep your data?

We use your data for the time strictly necessary to fulfill the purposes stated above. Below we detail how long we keep the data:

For information purposes, the retention periods for information in relation to different subjects are listed:

DOCUMENT	TIME LIMIT	REF. LEGAL
Documentation of a labor nature or related to social security	4 years	Article 21 of Royal Legislative Decree 5/2000, of August 4, approving the revised text of the Law on Infringements and Sanctions in the Social Order
Accounting and tax documentation for commercial purposes	6 years	Art. 30 Commercial Code
Accounting and tax documentation for tax purposes	4 years	Articles 66 to 70 General Tax Law
Data to send information about services	As long as the interested party does not request deletion	Not applicable
Data of people who have contacted	As long as you don’t request deletion	Not applicable
Clinical histories	15 years	The personal data will be kept in compliance with the legal prescription periods that are applicable, according to Law 16/2010, of June 3, amending Law 21/2000, on the rights of information relating to health, patient autonomy and clinical documentation

Provenance How did we get your data?

Visiting the “SomSalut” website does not mean that the user is obliged to provide any information about himself.

“SomSalut” expressly prohibits minors under the age of eighteen from providing personal data without the prior consent of their parents or guardians.

Here is where the data comes from:

Inquiries and requests for information from patients and third parties: the interested party himself or the legal representative.

Security measures. What do we do to protect your data?

“SomSalut” adopts the necessary organizational and technical measures to guarantee the security and privacy of your data, to avoid its alteration, loss, treatment or unauthorized access, depending on the state of technology, the nature of the data stored and the risks to which they are exposed.

Among others, the following measures stand out:

• Guarantee the confidentiality, integrity, availability and permanent resilience of treatment systems and services.
• Restore availability and access to personal data quickly, in the event of a physical or technical incident.
• Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to guarantee the safety of the treatment.
• Pseudonymize and encrypt personal data, if it is sensitive data.

Recipients To which recipients will your data be communicated?

This data will be processed by “SomSalut”. We share your data with service providers who help or support us (processors), with whom the mandatory contract has been concluded under the terms of Article 28 of the RGPD.

We do not carry out international transfers of your personal data.

Rights What are your rights when you provide us with your data?

Current data protection regulations protect you in a number of rights in relation to the use we give of your personal data. Each one of your rights are unique and non-transferable, that is to say, they can only be exercised by the data owner, with prior verification of their identity.

Here are the rights that assist you:

• Request access to your personal data
• Request the rectification of your data
• Request the deletion or deletion of your data (right to be forgotten)
• Limit or object to our use of your data
• Right to portability of your data for cases of telecommunications or internet services.
• Right to withdraw your consent at any time
• Right to submit a data protection claim to the Control Authority: Spanish Data Protection Agency

How can you exercise your rights?

For the exercise of your rights of access, rectification, deletion, limitation or opposition, portability and withdrawal of your consent, you can do it as follows:

In person or by email to:

Alberto Sureda Puigsegur

DNI: 46.064.909-A

info@somsalut.com

In addition to the rights that assist you, if you believe that your data is not being requested or treated in accordance with the current Data Protection regulations, you can make a claim to the Control Authority, the contact details of the which we indicate below:

Spanish Data Protection Agency

C/ Jorge Juan, 6. 28001, Madrid.

Email: info@agpd.es

Telephone: 912663517

Website: https://www.agpd.es

Consent and acceptance

Acceptance of this document indicates that you understand and accept all the clauses of our privacy policy by which you authorize the collection and processing of your personal data in these terms.