Confidentiality and security are core values of the FUNDACIÓ INSTITUT GUTTMANN (INSTITUT GUTTMANN) and, consequently, we are committed to always guaranteeing the privacy of our clients’ personal data and to not collecting unnecessary information.
- Who is responsible for the processing of your data?
- Who will take care of your data?
- For what purposes we ask for the data we request.
- What is the legitimacy for its treatment?
- How long we keep it.
- To which recipients your data is communicated.
- What are your rights?
Who is responsible for the processing of personal data?
- Company name: FUNDACIÓ INSTITUT GUTTMANN (INSTITUT GUTTMANN)
- TAX ID: G08519100
- Address: Camí de Can Ruti, s/n 08916 Badalona (Barcelona)
- Contact: email@example.com
Who will look after your data at INSTITUT GUTTMANN?
The Data Protection Officer of the INSTITUT GUTTMANN (hereinafter DPD), will be the guarantor within the INSTITUT GUTTMANN of compliance with data protection regulations.
You may contact the Data Protection Officer of the INSTITUT GUTTMANN at the following address:
- E-mail: firstname.lastname@example.org
- Postal address: Camí de Can Ruti, s/n 08916 Badalona (Barcelona)
For what purposes and legitimacy do we use the personal data?
At INSTITUT GUTTMANN we process personal data to respond to requests for information or to respond to requests.
This personal data will be processed for the legitimate purposes indicated below.
- Response to requests for information or contact
At INSTITUT GUTTMANN we will use the contact data provided to respond to requests and queries regarding our services, whether made through the form available on the website or sent to the contact email addresses published.
- Legitimate interest of INSTITUT GUTTMANN for this data processing taking into account the reasonable expectations of the interested parties in receiving a response to their requests.
- Consent freely given by the data subject who sends their data using the form provided specifically for this purpose.
- Data processed:
- Identification data.
- Contact data.
- Information of the message sent.
- Retention criteria:
The data will be kept for as long as necessary to fulfil the purpose for which they have been collected, as long as we have not been requested to delete them. As well as for as long as they are necessary to determine possible responsibilities.
- Arranging appointments
INSTITUT GUTTMANN will use the contact details provided to respond to your requests to arrange a visit.
- Legitimate interest of INSTITUT GUTTMANN for this data processing taking into account the reasonable expectations of the data subjects in receiving a response to their requests.
- Data processed:
- Identification data
- Contact data
- Selected clinic
- Special category data: Description of need
- Retention criteria:
The data will be kept for as long as necessary to fulfil the purpose for which they have been collected, provided that we have not been requested to delete them, as well as for as long as they are necessary to determine any possible liabilities that may arise from this purpose and from the processing of the data.
At the most, the data will be kept until the patient has been discharged from the Institut Guttmann's clinical history.
- Analytics of website visits
The INSTITUT GUTTMANN makes use of various techniques to collect information that can be used to obtain analytical data on visits and navigation through the pages of its websites.
- Google Analytics
t is important to remark that, as indicated in their privacy policies, these companies may cross-reference browsing data with their internal records in order to use them for ad personalization, even if you do not have a registered account for their services.
- Legitimate interest of INSTITUT GUTTMANN to obtain analytical information about visitors' use of the website.
- Data processed:
- Online identifiers, including identification cookies
- Internet protocol (IP) addresses and device identifiers
- Customer identifiers
- Information contained in the HTTP headers of requests sent over the internet such as the type of device, operating system and browser from which the pages are viewed
- Information provided by the browser such as preferred language, time zone and others
- Geographic information derived from the IP address
- Web site navigation data: pages visited, originating pages, ...
More information at:
- Retention criteria:
The data will be retained for as long as necessary to fulfill the purpose for which they were collected, provided that we have not been requested to delete them, as well as for as long as they are necessary to determine possible liabilities that may arise from this purpose and from the processing of the data.
In the case of data collected by third parties such as Google, they will be governed by the terms established by them in their respective privacy policies and the persistence of cookies reported in our Cookies Policy.
In addition to the above, INSTITUT GUTTMANN may carry out other processing of personal data. In this case, the interested party will receive the necessary information in relation to these treatments and INSTITUT GUTTMANN will request their consent if necessary.
How long will INSTITUT GUTTMANN keep the data?
In general, INSTITUT GUTTMANN will keep the personal data of the interested parties for the duration of the relationship with the user, for the time necessary for the purpose for which they were collected and, where appropriate, for the period necessary for the formulation, exercise or defense of potential claims, or to comply with the legal obligations determined by the applicable legislation.
Once this period has expired, INSTITUT GUTTMANN undertakes to cease the processing of all personal data, destroy them, block them, or anonymize them as far as possible for the purpose for which they were kept.
You may also exercise your right to have the data deleted at any time. In the event of legitimate circumstances justifying their maintenance, the data will not be deleted, but you may exercise your right to limit the processing of the data.
To whom will the data be communicated?
Personal data will not be disclosed to third parties, unless it is necessary to respond to the request, we are required to do so by law, or the data subject has given us his or her consent.
We may also communicate the data to companies that provide us with services related to the ordinary and administrative activity of the company as processors, national or international, in the framework of the provision of services such as, among others, email service providers, web hosting services, server hosting, management application services in SaaS mode, file archiving in the cloud and others.
The provision of these services may involve the processing of personal data by companies located in countries outside the European Economic Area (international data transfers). However, this will only be done with countries that offer an adequate level of protection or, in the case of entities in the U.S., that are accredited under the EU-U.S. Privacy Shield. Commission Decision (EU) 2016/1250 of 12 July 2016 and have provided additional safeguards such as Standard Contractual Clauses (SCCs).
Service providers linked to the INSTITUT GUTTMANN website are listed below:
Google Inc Provider of the web usage analytics service and the YouTube video viewing service. Link
What are the rights of interested parties when they provide us with their data?
At any time, the interested party may exercise their rights of access, rectification, deletion and portability of personal data processed by the INSTITUT GUTTMANN, as well as those of opposition and limitation of their processing.
These rights may be exercised free of charge by the interested party, and where appropriate by whoever represents him/her, by means of a written and signed request using one of the forms referenced at the bottom of this section, accompanied by a copy of his/her ID card or equivalent document proving his/her identity, addressed to:
- By e-mail: email@example.com
- By post: Camí de Can Ruti, s/n 08916 Badalona (Barcelona)
In the case of representation, it must be proved by means of a written document and attaching a copy of the ID card or equivalent document that proves their representation.
In addition to the above rights, the interested party will have the right to withdraw the consent given at any time through the procedure described above, without this withdrawal of consent affecting the lawfulness of the treatment prior to the withdrawal of this. The INSTITUT GUTTMANN may continue to process the personal data of the data subject to the extent that the applicable law permits or any other legitimacy that justifies it persists.
INSTITUT GUTTMANN reminds the data subject that he/she has the right to lodge a complaint with the relevant supervisory authority (Spanish Data Protection Agency).
Forms for the exercise of rights
- Right of Access Form
- Right of Rectification Form
- Right of Deletion Form
- Right of Portability Form
- Right of Limitation Form
- Right of Opposition Form
Updating your data
In order for us to keep your personal data up to date, it is important that you inform us whenever there has been any change in them. Otherwise, we are not responsible for the veracity of these and the implications it may have on their treatment.
Security in the treatment and custody of data
INSTITUT GUTTMANN declares that it has implemented the appropriate technical and organizational measures to ensure and be able to demonstrate that the treatment is in accordance with current legislation and that the protection of the rights of data subjects is guaranteed.
To this end, it has implemented a Personal Data Protection Management System to determine and apply the technical and organizational means at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of data provided by users, without prejudice to report that security measures on the Internet are not impregnable.
Specifically, there are security measures in place consisting of:
- The physical control of access and protection of equipment, people and facilities where data processing is carried out.
- Access to its computer systems is by means of individual users and passwords, limiting access to data to those employees who strictly require it for the performance of their jobs.
- That it makes backup copies of personal data of which it is obliged to maintain the integrity and availability.
- In the event of managing supports or documents with personal data, these are duly guarded under lock and key or with equivalent locking devices.
- Perimeter protection systems in the network to prevent intrusions and antivirus protection of its computer systems.
- There is a register of security incidents and mechanisms and procedures have been established for notifying security breaches.
- That we have a Continuity Plan that establishes the possibility of restoring availability and access to personal data quickly, in case of physical or technical incident within the time required to meet the business commitments to which we are obliged according to our service contract.
Cookies are also used to manage navigation through the website, to remember user settings (e.g., language preferences) and to maintain authenticated user sessions.
If you do not accept cookies, you can still use our website, but some features or areas of it may be limited or not function properly.
In our Cookies Policy you will find information about what cookies are, what type of cookies this site uses, how you can disable cookies in your browser and how to specifically disable the installation of third-party cookies.
Please read our Cookies Policy carefully before continuing to browse our website.
Links to third party sites
Sharing buttons with social networks