Data Protection Policy

This Data Protection Policy refers to both the Data Protection Policy of the website www.estudiodipcan.com and the DIPCAN Study Data Protection Policy.

Data protection policy of www.estudiodipcam.com

1. Introduction

This is the privacy policy of www.estudiodipcan.com. This document explains the policies for the collection, use and disclosure of personal information and applies to this website, unless expressly stated otherwise.

2. Identification of the parties

The entity that owns the domain www.estudiodipcan.com Is:

Eurofins Megalab, S. A. U., with NIF A78873973, domiciled at 28014 Madrid, calle de Alfonso XII, number 42, 1st Floor. You can contact ventaonline@megalab.es. Likewise, you can contact your data protection delegate at dpd@megalab.es

3. Information we collect and how we use it

All personal data collected will be treated confidentially by the owner of the website, of Spanish nationality, as part of the developer of the DIPCAN Project.

The information provided electronically will be processed to provide you with the navigation service on this website. In the case of webmaster users, their Nickname or alias, their email and access history; in the case of website visitors, the browsing data collected by the installed cookies, which can be configured at your discretion by accessing the link:
https://estudiodipcan.com/en/cookie-policy/

Through cookies we can maintain the registered user login, provide statistics associated with the use of the Page, location of our offices and anti-spam systems (captcha). See our cookie policy for information about the cookies included in this website.

4. Legal Basis

The legal basis for the processing of the data is:

-In the case of technical cookies, the legitimate interest of the data controller.
-In the case of analytical cookies, and marketing or advertising cookies, the free and informed consent of the interested party, through the voluntary configuration of these.
-In the case of user registration, the relationship

5. Data communication

The personal data collected through this website will not be transferred to third parties, except legal obligation imposed on the Data Controller.

6.International data transfer

Personal data collected through this website will not be transferred to any other country or international organization outside the European Economic Area.

7. Storage period

The data of webmaster users will be kept as long as the professional relationship between the parties is maintained or as long as there are legal responsibilities attributable to the Data Controller.

The data of the users of the web will be kept as long as the user allows its use through the acceptance/configuration of cookies made by himself, does not withdraw his consent given through the cookie configuration panel, as long as he does not delete the history of cookies stored in your browser or while there are legal responsibilities attributable to the Data Controller.

8. Rights’ Exercise

You can exercise the following rights:

1. Right to withdraw your consent at the time you deem appropriate.
You can withdraw your consent to the use of cookies by configuring the use of cookies, rejecting those you do not want and deleting your browser history.

2. Right of access.
To find out if the data controller is treating your personal data or not.

3. Right of rectification.
To obtain the rectification of your personal data when they are inaccurate.

4. Right of deletion, cancellation or right to be forgotten.
To request the deletion of your personal data.

5. Right of opposition.
To oppose the person responsible for processing your personal data.

6. Right to limit your treatment
To limit the processing of your personal data by the data controller.

7. Right not to be the subject of a decision based on automated processing.
Our analytical cookies and marketing and advertising cookies allow us to analyze which sections of our website you visit and what your interests are, so we profile the user based on your preferences. This allows us to enhance our website and tailor advertising to your interests.

In order not to be subject to the aforementioned analyses, you must reject analytical cookies and marketing and advertising cookies.

How you can withdraw your consent

You can do so by accessing here:
https://estudiodipcan.com/en/cookie-policy/
where you can reject or reconfigure the use of cookies. You should also delete the history of cookies stored in your browser.

9. Security measures

The owner of the website adopts the necessary technical and organizational measures to guarantee the security of personal data and to prevent their alteration, loss, treatment or unauthorized access, taking into account the state of the technology, the nature of the data and the risks to which they are exposed.
The Page has the SSL Certificate (Secure Socket Layer), in order to guarantee the security in the transmission of data between your browser and our Page.
The secure server establishes a connection so that the information is transmitted encrypted, which ensures that it is only intelligible for the user’s device and that of the Page. In this way, when using the SSL protocol, it is guaranteed:

• That the user is communicating their data to the server center of the Page and not to any other.

• That between the user and the Page the data is transmitted encrypted, avoiding its possible reading or manipulation by third parties.

• To verify that you are in a safe environment, you can:

• Verify that the Page address begins with https://

• Check that a lock icon appears in the address bar of your browser.

10. Changes in the Data Protection Policy

The owner of the website can modify this Privacy Policy without prior notification, so we ask you to review it frequently. If such changes materially affect their use or disclosure of personal information already in their possession, you will be asked to accept the new version of this Privacy Policy as amended. Changes and clarifications will be effective immediately upon your first use of our website upon posting on our website.

11. Contact us

If you wish to: access, correct, modify or delete any personal information we have about you, register a complaint, or simply want more information, contact the co-controllers at the addresses mentioned at the beginning of this document.
In the event that you consider it appropriate, you can file a claim with the Spanish Agency for Data Protection, as Control Authority.
 www.aepd.es

Last update: November 2, 2022

b) DIPCAN Study data protection policy

1. Introduction

This is DIPCAN’s privacy policy. This document explains DIPCAN’s policies for the collection, use and disclosure of personal information and applies to this website, unless expressly stated otherwise.

2. Identification of the parties

The promoters of the DIPCAN Project develop a common Privacy Policy for the processing of personal data, within the framework of a co-responsibility agreement signed by them, in which they jointly establish the means and purposes of the treatment.

The details of each entity are:

–Fundación MD Anderson International España, with NIF G82822941, domiciled at 28023 Madrid, calle de Gómez Hemans, number 22. You can contact info@fundacionmedanderson.es. Likewise, you can contact your data protection officer at dpd@fundacionmdanderson.es.
– Eurofins Megalab, S. A. U., with NIF A78873973, domiciled at 28014 Madrid, calle de Alfonso XII, number 42, First Floor. You can contact ventaonline@megalab.es. Likewise, you can contact your data protection delegate at dpd@megalab.es.

3. Information we collect and how we use it

Your participation in DIPCAN makes it necessary to register and fill in forms on the Website.
Through them, it provides us with the necessary data for the development of the Study. Except for those that require your explicit consent, the contact form fields marked with an asterisk (*) are considered mandatory fields. If you do not provide them, it will not be possible to meet your request.

The information provided by the user, expressly and unequivocally voluntarily, within the framework of the DIPCAN project will be processed in order to carry out a study that allows the integration and unification of all the clinical, analytical, radiological, and molecular pathology information that we receive. It will allow the elaboration of health strategies to prevent, initially diagnose and treat the most prevalent tumors in the population in a more effective way.

Other purposes are the processing of your data for registration in this Platform that allows the interrelation with the co-responsible parties.

The data may be processed to send you information about the development of the project. As well as directing surveys in order to improve our quality processes in services.

Through cookies we can maintain the registered user login, provide statistics associated with the use of the Page, location of our offices and anti-spam systems (captcha). See our cookie policy for information about the cookies included in this website.

4. Legal Basis

The provision of health care through testing, as well as the management of appointments and results, is based on art. 6.1.b) of the RGPD, as it is a necessary data processing for the execution of the relationship established between those responsible and the subject of the Study. The data will also be processed in compliance with the legal obligations applicable to the person in charge (art.6.1.c) RGPD), both for its internal and business management and those derived from the health regulations applicable in each case, in particular, Law 14/2007, of July 3, on biomedical research, Law 41/2002, of November 14, basic regulation of Patient Autonomy. You can consult the Seventeenth Additional Provision of LO 3/2018 on the Protection of personal data, as well as in the regulations developed at the regional level. The legitimate interest of those responsible in keeping you informed of their health and research activities. The legitimate interest for the development of policies that improve the quality of the services offered to the user. Lastly, data processing may be based on legitimate interest when necessary to defend your interests in the event of legal action
directed against the respective controllers (art.6.1.f).

In compliance with article 9.2.a) RGPD, when health data is required, express written consent must be requested.

You have the right to object to the above and, in accordance with your request, Dipcan will stop processing this information, except when I) it is processed to perform an existing contract II) it is processed to comply with a legal obligation III) Dipcan can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms; or IV) is necessary for the establishment, exercise or defence of legal claims.

In accordance with the provisions of article 21.2 LSSICE, if you do not wish to receive this information, you can unsubscribe at any of the email addresses provided, indicating “unsubscribe from DIPCAN communications”.

5. Data communication

The co-responsible for the treatment will only communicate your personal data to subcontracting companies and professional advisors that participate in the creation, development, and execution of this study (which will be subject to the obligations imposed by our legal system) to help the uses described in this Policy of Privacy and/or to audit the operations of this project.

We may also disclose your personal information if we are required to do so by law or if you violate our terms of service.

Your data may be communicated to European, state or regional Public Administrations with powers in the field of Scientific Studies for the functions of control and monitoring, permits and authorizations, health inspections and control of scientific research, following the established legal provisions.

Authorities that legally request it in fiscal, judicial, data protection control authorities, control of European funds, etc.

Ethics Committees to monitor the proper development of the phases of the Study.

The rest of the specific data transfers have been communicated to you in the information and consent documents that you have signed to be part of the Study.

The co-responsible parties guarantee that access to your personal information will be restricted to the Study Investigator and his collaborators, health authorities, the Research Ethics Committee and the promoter’s monitors and auditors, who will be subject to the duty of secrecy inherent to their profession, when required. require, in order to verify the data and procedures of the study, but always maintaining the confidentiality of these in accordance with current legislation.

6. International data transfer

In any case, the co-controllers will not transfer personal information to countries outside the European Union for which the European Commission has not issued an adequacy decision, if the appropriate or adequate safeguards are not provided. Where applicable, you may contact the joint controllers (see contact information provided at the beginning of this document) to obtain a copy of the appropriate or suitable safeguards provided in relation to transfers to countries
outside the European Union.

7. Storage period

The registration and contact data will be kept for the duration of the relationship and its deletion will not be requested.

The data related to the information of the Study are subject to retention periods of 5 years by legal virtue. Likewise, other terms derived from the laws that are applicable to the contractual relationship may be applied.

To see the duration of cookies, see the Cookies Policy.

However, the data may be kept by virtue of the limitation periods of possible legal actions between the user and the joint controllers, for the defence of the legitimate interests of the parties.

8. Rights’ Exercise

You can exercise the following rights:

1. Right to withdraw your consent at the time you deem appropriate.
You can withdraw your consent for the processing of your personal data at any time without affecting the treatment that has been carried out previously.

2. Right of access.
To find out if the data controller is treating your personal data or not.

3. Right of rectification.
To obtain the rectification of your personal data when they are inaccurate.

4. Right of deletion, cancellation or right to be forgotten.
To request the deletion of your personal data.

5. Right of opposition.
To oppose the person responsible for processing your personal data.

6. Right to limit your treatment.
To limit the processing of your personal data by the data controller.

7. Right of portability.
To receive your personal data in a structured format and transmit it to another data controller.

8. Right not to be the subject of a decision based on automated processing.
So that profiles cannot be made with your data or decisions based solely on automated processing.

How you can withdraw your consent

If you have given your consent to the processing of your personal data, you can withdraw it at any time by contacting us using the options mentioned at the end of this document. In this case, the co-controllers may require you to prove your identity before registering said withdrawal. The withdrawal of your consent will take effect from that moment and may not affect the legality of the treatment based on your consent before said withdrawal.

9. Security measures

The Joint Controllers adopt the necessary technical and organizational measures to guarantee the security of personal data and to prevent their alteration, loss, treatment or unauthorized access, taking into account the state of the technology, the nature of the data and the risks to which they are exposed.

The Page has the SSL Certificate (Secure Socket Layer), in order to guarantee the security in the transmission of data between your browser and our Page.

The secure server establishes a connection so that the information is transmitted encrypted, which ensures that it is only intelligible for the user’s device and that of the Page. In this way, when using the SSL protocol, it is guaranteed:

• That the user is communicating their data to the server center of the Page and not to any other.

• That between the user and the Page the data is transmitted encrypted, avoiding its possible reading or manipulation by third parties.

• To verify that you are in a safe environment, you can:

• Verify that the Page address begins with https://.

• Check that a lock icon appears in the address bar of your browser.

10. Changes in the Data Protection Policy

Co-controllers may change this Privacy Policy without notice, so please review it frequently. If such changes materially affect their use or disclosure of personal information already in their possession, you will be asked to accept the new version of this Privacy Policy as amended.
Changes and clarifications will be effective immediately upon your first use of our website upon posting on our website.

Last update: November 3rd, 2022

11. Contact us

If you wish to: access, correct, modify, or delete any personal information we have about you, register a complaint, or simply want more information, contact the co-controllers at the addresses mentioned at the beginning of this document.
In the event that you consider it appropriate, you can file a claim with the Spanish Agency for Data Protection, as Control Authority
https://www.aepd.es

Last update: November 3rd, 2022