PRIVACY POLICY
We prioritize your data security.

Your data matters

Data Protection Policy for InnHealthium S.L.

1. Introduction

InnHealthium S.L. (“InnHealthium,” “we,” or “us”) is committed to protecting personal data in accordance with current Spanish data protection laws (including Organic Law 3/2018 of December 5 on Personal Data Protection and Guarantee of Digital Rights) and the General Data Protection Regulation (GDPR) of the European Union. This policy describes how InnHealthium collects, processes, stores, and protects personal data of individuals who interact with us, in particular through our consulting activities, as presented on our website.

2. Data Controller and Contact Information

  • Controller Name: InnHealthium S.L.
  • Registered Address: Calle San Antoni Maria Claret 167-BHH, Office 0.6, 08025, Barcelona, Spain
  • Phone: +34 639 53 92 80
  • Email: info@innhealthium.com

If you have any questions regarding this Data Protection Policy or wish to exercise your legal rights, please contact us at the email above.

3. Personal Data We Process

Depending on how you interact with InnHealthium, we may process the following categories of personal data:

  1. Identification Details: Name, surname(s), company name (if applicable), personal ID number, company tax identifier, postal address, email address, and phone number.
  2. Commercial Information: Information regarding your inquiries, requests for proposals, or any other data provided in the course of our consulting services.
  3. Payment and Billing Data: Bank account details or other billing information required to manage our business relationship.
  4. Traffic and Location Data (if relevant): Information generated when you use our website or related online services (e.g., IP address, approximate geolocation), strictly for statistical or security purposes.

4. Purposes of Data Processing

We collect and process personal data for the following purposes:

  1. Service Provision and Consulting Management
    • To initiate, fulfill, and administer service contracts related to our consulting services.
    • To conduct necessary administrative tasks, such as billing and invoicing.
  2. Responding to Requests and Inquiries
    • To manage and address queries or information requests that you submit via our web forms, email, or other communication methods.
  3. Commercial Communications
    • To send information related to our consulting services (e.g., updates, offers, or relevant insights), provided you have explicitly requested it, are a current or past client, or have otherwise shown a legitimate interest in our services.
  4. Statistical and Usage Analysis
    • To compile anonymous statistical reports on website usage to improve user experience and optimize our consulting offerings.
  5. Legal Compliance
    • To comply with applicable laws, regulations, or legitimate requests from competent authorities.

5. Legal Bases for Processing

We process personal data under one or more of the following legal bases:

  1. Consent: When you provide express consent (for instance, by clicking “Submit” in our forms or opting in to receive marketing communications).
  2. Contractual Necessity: Where processing is necessary to fulfill obligations under a service contract or to take steps at your request prior to entering into a contract.
  3. Legitimate Interest: For sending relevant commercial communications to existing or former clients, or prospects who have shown an interest in our services, unless overridden by your data protection rights.
  4. Legal Obligation: When processing is necessary for InnHealthium to comply with a legal requirement under Spanish or European legislation.

6. Data Sharing and Third Parties

We may share personal data with third parties strictly for the purposes stated above or as legally required:

  • Service Providers and Partners: We engage external providers (e.g., billing, accounting, IT support) to help us perform essential business functions.
  • Business Collaborators: In cases where you show interest in professional services offered in partnership with InnHealthium, we may share your data with the relevant collaborator to facilitate those services, with your prior permission where required.
  • Legal and Regulatory Authorities: When disclosure is required by law or necessary to protect our rights or to respond to legal proceedings.

If international data transfers occur, they are carried out under appropriate safeguards (e.g., Standard Contractual Clauses) to ensure a level of protection consistent with the GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purpose for which it was collected and to comply with any legal obligations. The retention period may vary based on the nature of the data and legal requirements. You can request more details on retention periods by contacting info@innhealthium.com.

8. Cookies and Tracking Technologies

Our website uses both essential and non-essential cookies (and similar technologies) to enhance your user experience, analyze website performance, and deliver personalized content. We seek your consent for non-essential cookies via our cookie banner. Essential cookies, which are necessary for the website to function, do not require consent.

  • You can manage or withdraw your consent at any time through our cookie settings or by clearing cookies in your browser.
  • For more detailed information, please contact us at info@innhealthium.com.

9. No Automated Decision-Making or Profiling

InnHealthium does not engage in automated decision-making or profiling that produces legal or similarly significant effects concerning data subjects.

10. Your Rights

In accordance with GDPR and applicable Spanish data protection laws, you have the following rights:

  1. Right of Access: Obtain confirmation on whether your data is processed and request a copy.
  2. Right to Rectification: Correct inaccurate or incomplete personal data.
  3. Right to Erasure (“Right to be Forgotten”): Request deletion of personal data when it is no longer necessary for the purpose for which it was collected.
  4. Right to Data Portability: In certain cases, receive your data in a structured, commonly used, machine-readable format and/or request its transfer to another controller.
  5. Right to Object: Object at any time to processing based on legitimate interest, unless InnHealthium has compelling grounds to continue.
  6. Right to Restriction of Processing: Request limited processing of your data under specific circumstances.
  7. Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us at info@innhealthium.com. You also have the right to file a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos, https://www.aepd.es) or your local supervisory authority if you believe your data protection rights have been infringed.

11. Updates to this Policy

We reserve the right to amend this Data Protection Policy to reflect changes in our data processing or to comply with new legal obligations. If material changes are made, we will inform you via our website or other appropriate means. Minor changes (e.g., corrections of typographical errors) may not require formal notification.