Privacy Policy
1.
Data of the Data Controller
Company Name: Psifiacos, S.L.
Tax ID: B72396039
Address: Parque Tecnológico de Álava. C/ Albert Einstein, 15. Edificio BIC Araba, Oficina 216, 01510 Vitoria-Gasteiz, Álava, España
Email: info@psifiacos.com
Website: www.psifiacos.com
Data Protection Officer: dpd@data-consulting.es
2.
Applicable Regulations
Our
Privacy Policy has been designed in accordance with the General Data Protection
Regulation (GDPR) 2016/679 of the European Parliament and of the Council, of
April 27, 2016, regarding the protection of natural persons with regard to the
processing of personal data and the free movement of such data, repealing
Directive 95/46/EC (General Data Protection Regulation), along with Organic Law
3/2018, of December 5, on the Protection of Personal Data and the Guarantee of
Digital Rights, and its implementing regulations. The company may modify this
privacy policy to adapt it to legislative, jurisprudential, or interpretative
developments by the Spanish Data Protection Agency. These privacy conditions
may be supplemented by the Legal Notice, Cookie Policy, and General Conditions
that, where appropriate, are provided for the sale of certain products or
services, if such access involves any special features in terms of the
protection of personal data.
3. Purpose of Processing
Personal Data
The processing we carry out of your personal data is for the following purposes:
1. Manage your registration in our application.
2. Execute the purchase contract concluded through the application's license purchase form.
3. Register, track, and analyze health data for the purpose of issuing alerts indicating risky eating behaviors.
4. Send you commercial information based on our previous contractual relationship.
4.
Legitimacy
for Processing Collected Data
1. Application
registration form: The legitimacy for processing your data is
your explicit consent at the time of providing us with the information, as
expressed by checking the corresponding acceptance box.
2. Purchase
form: The legitimacy for processing your data is
the execution of the purchase and sale contract.
3. Health
data: Processing is necessary for the execution of
a contract in which the data subject is a party, in relation to Article 9.2.h
from General Data Protection Agreement: processing is necessary for purposes of
preventive or occupational medicine, assessment of the employee's working
capacity, medical diagnosis, the provision of health or social care or
treatment, or the management of health or social care systems and services,
based on Union law or Member State law or a contract with a health
professional, subject to the conditions and safeguards referred to in Article
9.3 from General Data Protection Agreement.
4.
Sending commercial communications: The
legal basis is the existing legitimate interest, based on our previous
contractual relationship.
5.
How Long Will We Retain Your Data?
1. Application Registration: We will retain your personal data for this processing until you delete your account, which you can do at any time.
2. Purchase Form: We will retain your personal data for the time necessary to fulfill the legal obligations arising from that purchase process.
3. Health Data: We will retain your personal data for the time necessary to fulfill legal obligations arising from this process (Basic Law 41/2002 regulating patient autonomy). Once it is completed, if you have given your consent, they will be kept for scientific purposes in a completely anonymized form, making it impossible to associate the user with their health data.
4.
Sending Commercial Communications: We will retain your personal data for this
processing until you object to it.
6.
Data Necessary for the Operation of the Application
Name
and surname, ID number, Email, Phone number, Height, Weight, Gender, Date of
birth, Blood type (Optional), use of a wheelchair, and health data.
7.
Permissions that the Application May Request
1. Client App ANNi: Receive notifications, Bluetooth, Access to health SDK, SIM card information, Write to storage.
2. Supervisor App ANNiP: Receive notifications.
3. Watch App ANNiWear: Receive notifications, Access to body measurement sensor, Write to storage.
8.
Managing Permissions
Android:
1. On your device, open the Settings app.
2. Tap Apps.
3. Tap the app you want to modify: If it doesn't appear, tap see all apps; then, select your app.
4. Tap Permissions.
▪ If you have granted or denied permissions to that app, they will appear in this section.
5. To change a permission setting, tap it and select Allow or Deny.
iOS:
1. Go to Settings > Privacy & Security.
2. Tap a category of information.
The
list displays apps that have requested access. You can enable or disable access
for any app on the list.
9.
Data Disclosures
Your
data will not be disclosed, except to fulfill legal obligations.
10.
International Transfers
No
international transfers will be carried out.
11.
Security Measures
As part
of our commitment to ensuring the security and confidentiality of your personal
data, we inform you that the necessary technical and organizational measures
have been adopted to guarantee the security of personal data and prevent its
alteration, loss, unauthorized access, or processing, considering the state of
technology, the nature of the data stored, and the risks to which they are
exposed. However, the user should be aware that security measures on the
Internet are not impervious. You can obtain more information about the security
measures we apply by contacting us through the channels indicated at the
beginning of this Privacy Policy in the section identifying the Data
Controller.
12.
Rights of the Data Subject
The data subject has the following rights regarding the processing of their personal data, and they may exercise these rights by contacting the Data Controller:
▪ If the legal basis for processing is consent, the right to withdraw it at any time, without affecting the legality of the processing prior to withdrawal.
▪ The right to request access to their personal data.
▪ The right to request rectification if the data is inaccurate, or to request its deletion (for example, if it is no longer needed for the purposes for which it was collected).
▪ The right to request the limitation of processing, provided that one of the conditions provided for in the regulations is met, in which case we will only keep the data for the exercise or defense of claims.
▪ The right to object to processing, for example, regarding the sending of commercial information by us, in which case we will cease processing your data for that purpose, except for compelling legitimate reasons or the exercise or defense of possible claims.
▪ The right to data portability.
▪
The right to lodge a complaint with the Spanish Data Protection Agency (the
competent data protection authority), especially when satisfaction has not been
obtained in the exercise of your rights: www.aepd.es
13. Data Processing
The
application also runs in the background.
The use of information received from Health Connect will adhere to
the Health
Connect Permissions policy, including the Limited Use requirements.