Privacy Policy

Dilemma Solutions S.L. (hereinafter Dilemma Solutions) complies with the provisions regarding data protection, and for the purposes of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), and the EU Regulation 2016/679, of the European Parliament and of the Council, of April 27, the personal data collected on the website will be treated in accordance with said legislation and incorporated into its Treatment Registry whose controller is Dilemma Solutions.

 

All personal data provided through the existing forms on this website, as well as any others that you voluntarily provide to the entity, will be treated with strict confidentiality and under the protection and specifications contained in the previous laws.

 

Data collected is adequate, pertinent and not excessive in relation to the scope and purposes described in each case. The interested party will be responsible, in any case, for the veracity of the data provided, reserving Dilemma Solutions the right to exclude from the registered services any user who has provided false data, without prejudice to the other actions that proceed by law.

 

Visiting and browsing the Web is initially done anonymously.

 

1. Who is responsible for the processing of your personal data?

 

Dilemma Solutions holds the status of Data Controller.

 

2. What is the purpose of data processing?

 

The purpose of the treatment is the management of users to carry out contacts (queries, services requests, sending budgets and offers, sending technical documentation). For which the categories of data related to the identification of the person will be collected, including name, contact email, country of origin, work center and question sent.

 

The treatment carried out responds exclusively to the purposes established above, and corresponding to those that were required, proceeding the data of the interested party and being legitimized for it by the consent that has been expressly granted when accepting these conditions.

 

3. To whom will we transfer or communicate your data?

 

Personal data will not be transferred to third parties without prior consent, nor outside the cases expressly provided for in data protection legislation.

 

4. How long will we keep the data?

 

We also inform you that your data will be kept for the duration of the relationship established with the entity or until you exercise your rights to unsubscribe or delete. In the case of consultations, your data will be kept for a minimum of 5 years from the last notification.

 

The data will also be kept for the minimum essential to comply with legal obligations, during the legal periods established for the prescription of any responsibility on our part, and for the exercise or defense of claims derived from the relationship maintained with the interested party.

 

5. Security of personal data

 

In accordance with the First Additional Provision of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, the security, technical and organizational measures adopted by Dilemma Solutions, and intended to safeguard the confidentiality and protection of personal data, avoiding their loss, alteration or unauthorized access, are those established in our Information Security Management Systems (ISMS) based on the regulations:

 

  • ISO/IEC 27001 and ISO/IEC 27002
  • Spanish Royal Decree 311/2022, of May 3, which regulates the National Security Scheme

6. How to exercise the rights provided for in the GDPR?

 

Dilemma Solutions will guarantee and facilitate users and clients at all times in the exercise of their rights regarding the protection of personal data.

These rights are:

 

  • Right of access: Right to obtain confirmation on whether the data and information about said treatment are being processed.
  • Right of rectification: Right to request the rectification of data when they are inaccurate.
  • Right to delete or to be alone: Right to obtain the deletion of data in the terms provided in current regulations.
  • Right of opposition: Right to oppose, at any time, the processing of personal data.
  • Right to limitation of treatment: Right that the person in charge limits the treatment of the data of the person concerned in the assumptions included in the current regulations.
  • Right to data portability: Right to receive the data you provided in a structured format, commonly used and mechanical reading, or to be transmitted directly to a third party.
  • Right not to be the subject of automated individual decisions: Right not to be the subject of a decision based solely on automated processing, including profiling, that produces legal effects on the interested party or significantly affects them.
  • Right to withdraw consent: When the processing of the data is based on the consent of the interested persons, they may withdraw the consent granted at any time, without affecting the legality of the treatment prior to its withdrawal.

Users may exercise any of these rights acting on their own behalf or through a legal representative. In the case of minors under 14 years of age, the holders of parental authority or guardianship must do so.

 

To exercise your right you can use one of the following two ways:

 

  • Certified letter to the following address: Dilemma Solutions, S.L. (Data Protection) CITIC Building – Elviña Campus s/n 15008 A Coruña (Spain)
  • Send certified email to: rgpd@naeviamedical.com

The request must contain: Name and surnames of the interested person and, where appropriate, also of the person who represents him; address and data for notification purposes; date and signature of the applicant; copy of a national identity document or passport, as the case may be; petition in which the request for the exercise of rights is specified. In the case of a representative, documentation proving the representation, or the relationship with the interested party in cases in which they act on behalf of another person, or request information about another person.

 

7. Right to present a claim in the AEPD

 

If the interested persons consider that the right to the protection of their personal data has been violated, they may present a claim in the Spanish Agency for Data Protection (AEPD)

 

Prior to submitting a claim to the Spanish Data Protection Agency, you may contact the data protection officer at the following email: rgpd@naeviamedical.com

 

8. What are the applicable laws?

 

  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  • Spanish Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD). Rule that aims to adapt the Spanish legal system to the RGPD, complete its provisions and guarantee the digital rights of citizens.
  • Spanish Law 34/2002, of July 11, on services of the information society and electronic commerce
  • Spanish Law 14/2007, of July 3, on Biomedical Research.
  • Spanish Law 41/2002, of November 14, regulating basic patient autonomy and rights and obligations regarding information and clinical documentation.