PRIVACY POLICY.
Through this privacy policy, and in compliance with the provisions of Regulation (EU) 2016/679 of 27 April 2016 on data protection and the Organic Law 3/2018 of 5 December on data protection and guarantee of digital rights, Doole Health SL (hereinafter Doole) informs users of the conditions of processing of Personal Data.
I.- DEFINITIONS.
Application: It is the mobile application of Doole
Personal Data: Any information concerning an identified or identifiable natural person. An identifiable natural person is any person whose identity can be determined, directly or indirectly, in particular by means of an identifier, such as a name, an identification number, location data, an online identifier or one or more elements of the physical, physiological, genetic, psychological, economic, cultural or social identity of that person.
Data Processing: any operation or set of operations performed on personal data or sets of personal data, whether or not by automated procedures, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of enabling access, matching or interconnection, limitation, erasure or destruction;
Usage Data: automatically collected data, either generated by the use of the Application or the Application’s own infrastructure (e.g., the duration of a page visit).
Cookies: These are small files stored on your device (computer or mobile device).
Controller: the natural or legal person, public authority, service or other body which alone or jointly with others determines the purposes and means of processing; if Union or Member State law determines the purposes and means of processing, the controller or the specific criteria for its appointment may be laid down by Union or Member State law.
Processor: the natural or legal person, public authority, service or other body processing personal data on behalf of the controller.
II. – INFORMATION COMMON TO ALL FORMS OF PROCESSING
1.- Identification
Doole with CIF B67450478 and registered office at Ctra. del Canyet s/n, Hospital Germans Trias i Pujol – Badalona (Barcelona) is registered in the commercial register of Barcelona in Volume 46958, Folio 152, General Section, Entry 1, Page 536446 Province B.
2.- Rights
To exercise your rights of access, rectification, suppression, opposition, limitation of processing, data portability, not to be subjected to automated individual decisions and revocation you can contact the postal address where the company is domiciled, or you can send an email to info@doolehealth.com with the text “data protection in the subject”.
3.- Customer service, queries and complaints.
For any query or complaint you can contact info@doolehealth.com.
The competent body to resolve disputes arising from the application of this policy is the Spanish Data Protection Authority, located at Calle Jorge Juan n. 6, Madrid.
III.- INFORMATION WHEN DOOLE ACTS AS DATA CONTROLLER
When you contact Doole directly to request information or to contract its services, it will be necessary for you to provide us with all the information requested in the contact forms. In this case, Doole will be considered responsible for the treatment and you can contact it using the contact details published in the previous section.
1.- Purpose of the treatment
Doole will use the data you provide and those that are treated while maintaining a relationship with us in order to provide the services you request and, in some cases, send you commercial information about our company.
The data obtained may be used for clinical studies. In this case, it will be dissociated and anonymized beforehand.
2.- Type of data collected: identification, contact, economic, health, and technical information collected by the cookies we use and system.
3.- Conservation: The data will be retained while maintaining the legal relationship with Doole and once it ends, during the period of conservation established by law, which in some cases can reach 15 years.
4 .- Automated individual decisions: They are not taken.
5 .- The recipients of this information are: the staff that the management of the company has previously authorized, contracted suppliers that support us and the public administration when they request data within the scope of their powers.
6.-External systems: They are used to store data. All external data storage services are located within the European Union.
7 .- Legal basis of treatment: Compliance with contractual and legal obligations and information management by applying the rules set out in the General Data Protection Regulation.
IV.- INFORMATION WHEN DOOLE ACTS AS DATA PROCESSOR.
When you use our mobile application as a patient of a health center that is a client of Doole, we will have the status of processor, being the health center responsible for the treatment. In these cases:
1.- Purpose of processing
Doole will use the data you enter in the Application and those generated in it to:
maintain the Application;
notify you of changes to our Application;
provide you with customer support and assistance;
provide you with valuable analytics or information so that we can improve the Application;
to track usage of the Application; to detect, prevent and address technical problems; and to generally
in general, to comply with contractual and legal obligations arising from the relationship with the Healthcare Facility.
In order to use the Application we need to put you in contact with your health care provider’s or socio-health care provider’s data. By accepting these clauses you authorize this data processing.
the performance of clinical studies. In this case, your data will be previously dissociated and anonymized.
Type of data collected:
Personal Data: When using our Application, we may ask you to provide us with certain personally identifiable information that can be used to identify you and persons you authorize (hereinafter “Personal Data”). Personal Information may include, but is not limited to: email address; first and last name; phone number or ID number; health information.
Usage Data: When you access the Application through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, the unique identifier of your mobile device, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data (“Usage Data”).
Tracking Data and Cookies: We use Cookies and similar tracking technologies to track activity on our Application, and we retain certain information.
Cookies are files containing a small amount of data that may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies, such as beacons, tags and scripts, are also used to collect and track information, and to improve and analyze our Application. You can instruct your browser to refuse all Cookies or to alert you when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some sections of our Application. Examples of Cookies we use: Session Cookies (to operate our Application). Access our cookies policy.
3.- Retention: The data will be retained for as long as you maintain the legal relationship with Doole and once it is terminated, for the retention period established by law that can reach up to 15 years.
4 .- Automated individual decisions: They are not taken.
5 .- The recipients of this information are: your provider of health or social-health services, the staff that the management of the company has previously authorized, contracted suppliers that give us support with which a confidentiality contract has been signed and the public administration when they request data within the scope of their powers.
6.- External systems: They are used to store data. All external data storage services are located within the European Union.
7 .- Legal basis of treatment: Compliance with legal and contractual obligations and information management by applying the rules set out in the General Data Protection Regulation.
8 .- Relationship between Doole and its customers
In compliance with the provisions of Articles 28 of the RGPD and 33 and concordant of the LOPDGDD, between Doole and its customers there is a contract of processor with all the requirements of these rules.
9.- Security. Doole applies the security measures defined in Article 32 of the RGPD, is equipped with the mandatory security document and has established all the technical means at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of the data provided.
The security of your data is important to us, but remember that there is no impregnable security measure.
V.- ENTRY INTO FORCE AND VALIDITY OF THIS POLICY.
This policy will come into force at the time it is published on our website. We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We will notify you by email and/or by a prominent notice on our Application before the change becomes effective and will update the effective date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically to be aware of any changes. Changes to this Privacy Policy are effective when posted on this page.
