XClinics Medical Software . Privacy Policy
INTRODUCTION
Protecting your privacy and ensuring the lawful use of your personal data is a top priority for Cloud X Tech LLC (“XClinics”). We are committed to ensuring your privacy and not sharing or selling the information we collect.
The privacy policy describes how we collect, use, and store personal data. This data processing applies to our website. For information about the privacy policy in the software, please read our service agreement. https://xclinics.com/wp-content/uploads/2019/07/Contrato-XClinics.pdf
Massive Bionics may modify this privacy notice to reflect changes in our operations or applicable laws and regulations, which may affect your fundamental rights or freedoms.
ID
Company name: Cloud X Tech LLC (“XClinics”)
Trade name: “XClinics”
Registered office: 6555 Sanger Rd, 101. Orlando, FL 32827. USA
email: info@xclinics.com .
You may also access your information, rectify it, request its deletion, or object to processing using the options provided for this purpose.
You can contact our Data Protection Officer at: dpo@dricloud.com .
And with our legal representative in Europe: G&B Abogados info@galindobarrioabogados.com
For the purposes of European Union data protection laws, in particular the General Data Protection Regulation (REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, Massive Bionics LLC is the Controller of your personal data.
HOW WE OBTAIN YOUR DATA
When you visit our website and fill out some of the forms, we collect your data. This information may include:
First and last name(s),
Phone number, Country, Email address, Date and time of visit, Reason for your visit, product or service you are contracting, the session you are attending, etc.
ID, address, NIF (Tax ID) in case of activating a new software platform.
Any additional information you have shared during your visit or when filling out any of our forms, depending on each case:
Additional data: When you use our website, we may obtain additional data, including, for example:
information about your device, IP address, time zone and language, browser used. GPS. If you use a mobile application, we may also obtain your location data through GPS. You will always have the option to disable this functionality.
PURPOSES OF PROCESSING AND LEGITIMATION
We will process this personal data for:
Provision of Services. If you contract our services, you sign a legally binding agreement with us. The need to fulfill our obligations and compliance with this legal agreement constitutes a valid legal basis for the processing of your personal data, as specified in Article 6.1.b of the GDPR. We also process your personal data based on our legal obligations, for example, to issue invoices and keep our financial records up to date. This constitutes a valid legal basis for the processing of your personal data, as specified in Article 6.1.c of the GDPR and Article 19.2 of the LOPDyGDD (Spanish Data Protection Act).
Responding to user requests: Processing requests or any type of inquiries regarding our catalog of activities and services offered by our company, made by the user through any of the contact methods made available to them.
Sending Commercial Communications and Newsletters. When you agree to receive commercial communications and/or newsletters, you authorize us to process your email address, telephone number, first and last name for this purpose. You may opt out of receiving these communications at any time. The legal basis for processing your personal data for this purpose is Article 6.1.f of the GDPR and Article 19.2 of the LOPDyGDD.
Commercial activities. To manage and plan our business activities (for example, to analyze how you use our products and services and to forecast demand for our product, or to predict how our users will use our Services in the future and estimate trends in user needs and preferences). We process this information based on our legitimate interests, which constitute a legal basis for processing personal data under Article 6.1.f of the GDPR.
Complaints. To handle any complaints or claims you may have in relation to the Services, and to protect ourselves against them and against any complaints or claims from third parties related to your use of the Services. We process this information based on our legitimate interests, which constitute a legal basis for processing personal data according to Article 6.1.f of the GDPR.
To protect you from bots and other similar mechanisms by implementing security methods such as Captcha or similar.
DATA CONSERVATION CRITERIA
We will only retain the information we collect about you for as long as necessary for the purposes set out above, or as necessary to comply with any legal obligations to which we are subject.
The period for which we retain your data will vary depending on the type of information and the purposes for which we use it. Generally, we will retain our records for up to six years after your relationship with us ends, to comply with our legal obligations.
Provision of Services: We will process your data until you have an active User Account or service contract. If you delete your User Account or the service contract is terminated, we will retain your personal data for a period of 6 years.
Commercial Activities: We will process your personal data until you object to the processing of your personal data.
Commercial Communications and Newsletters: We will process your personal data until you withdraw your consent for marketing purposes or object to the processing of your personal data.
Complaints and responses to your requests: We will retain your personal data for 6 years after the resolution of the complaint or request.
Tax and Billing Data: We will process your data until you have an active User Account or service contract. If you terminate the service contract, we will retain your personal data for a period of 6 years.
COMMUNICATION OF DATA
We may disclose your personal data to other companies associated with XClinics and that offer services integrated with the software, solely for the purpose of providing the Services to you.
We may also share your personal data with third-party providers, again solely for the purpose of providing our Services to you. Most of these providers act as data processors and have entered into data processing agreements with us.
For example, we may share your personal data with the following companies:
Cloud hosting and server maintenance providers,
communication tool providers,
customer support tool providers,
external consultants, auditors or advisors,
payment service providers, banks, credit reference and fraud prevention agencies and insurance companies,
ICT companies that provide us with software and similar services. Finally, we may share data to respond to legal requirements, enforce our policies, liaise with judicial or regulatory authorities when required by applicable law, and protect our rights and property.
We may also share your personal information with other commercial entities or individuals who will contact you with commercial information, customer service, and answers to your questions and concerns. They may contact you by phone, email, SMS, WhatsApp, Zoom, Skype, and other means of communication.
We will not transfer your personal information to any third party for the purpose of transferring or selling data unless you give us your prior consent or we have a legitimate basis to do so.
Some of our suppliers (data processors) are based outside the European Economic Area, so we may transfer your personal data to third countries. We always ensure that these transfers comply with GDPR requirements.
RECOGNIZED RIGHTS
Under the GDPR you have the following rights:
You have the right to be informed about the processing of your personal data (i.e., for what purposes, what type of personal data, to which recipients it is disclosed, retention periods, any third-party sources from which it was obtained, verification of automated decision-making, including profiling, and the logic, significance, and expected consequences). Reading this Privacy Policy is part of your right to be informed.
We remind you that you have the right to request a copy of the personal data we process about you, you can ask us to erase (if you believe we do not have the right to retain it) or rectify (if you believe it is inaccurate) your personal data, you can object to the processing of your personal data or (where we rely on your consent for processing) withdraw your consent,
you have the right to restrict the processing of your personal data, and/or
you can request that your data be provided to you in a portable form (right to data portability).
You can contact us (see contact details at the end of this policy) if you wish to exercise any of these rights. We will comply with our legal obligations regarding your rights as a data subject.
Any request for access to your personal data must be made in writing. We will endeavor to respond within a reasonable period, and in any event, within one month (or such other period as we will immediately notify you of in the case of complex or numerous requests). We reserve the right to charge a reasonable fee (reflecting the costs of providing the information) or refuse to respond where requests are manifestly unfounded or excessive. In this case, we will explain the situation to you and inform you of your rights.
We aim to ensure that the information we hold about you is accurate at all times. To help us keep your information up to date, you must inform us of any changes to your personal information. Upon request, we will take reasonable steps to ensure the information is accurate and will rectify any incorrect personal information immediately and, in any event, within one month of your request.
AUTOMATED DECISIONS AND PROFILING
We do not rely solely on automated decisions. We do not use any profiling systems or tools to process your data.
SECURITY MEASURES
Cloud X Tech LLC (“XClinics”) guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by Regulation (EU) 2016/679 of April 27, 2016 and LOPD-GDD 3/2018 of December 5 in order to protect the rights and freedoms of Users and has communicated to them the appropriate information so that they can exercise them. The company has installed all the technical means and measures at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of the Personal Data provided by the owner. However, the User must be aware that Internet security measures are not impregnable.
MORE INFORMATION.
We hope that all the information provided in this policy is useful to you, but if you would like more information, you can contact us via our email: info@xclinics.com
