PRIVACY POLICY

1. USER INFORMATION

Who is responsible for the processing of your personal data?

SOCIEDAD ESPAÑOLA DE FARMACIA CLÍNICA, FAMILIAR Y COMUNITARIA is RESPONSIBLE for the processing of the USER'S personal data and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and Organic Law 3/2018 of 5 December (LOPDGDD).

For what do we process your personal data and why do we do it?

The operations contemplated for processing at the SOCIEDAD ESPAÑOLA DE FARMACIA CLÍNICA FAMILIAR Y COMUNITARIA are:

File

Description

1 LABOR AND HUMAN RESOURCES

Administrative and labor management of personnel employed in the organization.

2 CONTACTS

Communication, information and management of products and services. Includes web contacts and social networks

3 WORKING DAY REGISTER

Time recording of working hours to comply with RDL 8/2019 on urgent measures for social protection and to combat labor precariousness in the working day.

4 IMAGES

Management of audiovisuals for publication in the media

5 VIRTUAL TPV

Personal data provided in the payment gateway of the virtual store (e-commerce)

6 ANALYTICS COOKIES

Analyze the navigation habits of users who visit the website in order to improve the services offered.

8 MEMBERS

Social management. Includes data of associates

9 VOLUNTEERS

Members, who collaborate in the organization of the association's activities. Participation in Working Groups.

10 GROUP MARKETING MANAGEMENT

Management of the group's commercial marketing. Includes web contacts and social networks of the business group.

12 TAX AND ACCOUNTING MANAGEMENT OF THE GROUP

Registry of tax and accounting obligations subject to the economic activity of the business group

13 FISCAL AND ACCOUNTING

Recording of fiscal and accounting obligations subject to economic activity

14 PROVIDERS

Commercial and administrative management with suppliers. Includes contact details of individuals providing services to a legal entity, including individual professionals.

15 OCCUPATIONAL RISK PREVENTION

Management of occupational risk prevention for employees

16 EVENTS ORGANIZATION

Treatment derived from the management of the registration and participation of participants in an event.

17 BULLYING PREVENTION PROTOCOL

Personal data contained in the protocol where the organization underlines its commitment to prevent and act against harassment within the organization and in any of its manifestations.

18 WORK TRAINING

Management of personnel enrolled in training courses

19 INTERNAL MESSAGING

Instant messaging groups to carry out labor management

22 VIDEO MONITORING

Audiovisual recording of persons for security purposes

23 MANAGEMENT BOARD

Treatment derived from the implied legal obligations of the board's executive directors.

24 MANAGERS TERRITORIAL DELEGATIONS

Processing derived from the implicit legal obligations of the management positions of the territorial delegations.

25 TRAINING FOR TECHNICIANS. Collaboration of the Pharmacy Technician in the care of women with perimenopause.

Management of participants in training courses. Collaboration of the pharmacy technician in the care of women with perimenopause

26 TRAINING FOR PHARMACY TECHNICIANS. Collaboration of the pharmacy technician in the care of common dermatological pathologies

Management of participants in training courses. Collaboration of the pharmacy technician in the care of common dermatological pathologies

27 TRAINING FOR TECHNICIANS. Collaboration of the Pharmacy Technician in children's nutritional counseling.

Management of participants in training courses. Collaboration of the pharmacy technician in nutritional counseling for children

28 EDUCATION TRAINING. Program for the provision of the professional service of Pharmaceutical Indication in community pharmacies.

Management of participants in training courses. Program for the provision of the professional service of Pharmaceutical Indication in community pharmacies.

29 EDUCATION TRAINING. Program for the provision of professional service to assist in the treatment of patients with pain in community pharmacies.

Management of attendees to training courses. Program for the provision of professional service to assist in the treatment of patients with pain in community pharmacy.

30 EDUCATION TRAINING. Program for the provision of professional tobacco cessation services in community pharmacies.

Management of participants in training courses. Program for the provision of professional smoking cessation services in community pharmacies.

31 EDUCATION TRAINING. Program for the provision of professional service for COPD screening and management in community pharmacies.

Management of training course participants. Program for the provision of the professional service of COPD screening and management in community pharmacy.

32 EDUCATION AND TRAINING. Program for the provision of blood pressure and vascular risk measurement and control services in community pharmacies.

Management of participants in training courses. Program for the provision of blood pressure and vascular risk measurement and control services in community pharmacies.

33 EDUCATION TRAINING. Program for the provision of professional service for the review of the use of medicines in community pharmacies.

Management of training course participants. Program for the provision of professional service for the review of the use of medicines in community pharmacy.

34 ECOMMERCE ONLINE TRAINING

Management of participants in online training courses through SEFAC's e-commerce.

35 RESEARCH

Collection of health information for research purposes.

36 MEMBERS: DISCIPLINARY PROCEEDINGS

Information system for reporting acts or conduct that could be contrary to the general regulations applicable to the organization.

37 MEMBERSHIP REGISTER

Administrative management of the entity's members.

Depending on the purposes within the website we will need to treat some data or others, which in general will be, depending on the case, the following:

  • Sending commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the RESPONSIBLE and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
  • Conduct market research and statistical analysis.
  • Process orders, requests, respond to queries or any type of request made by the USER through any of the forms of contact that are made available on the RESPONSIBLE's website.
  • To send the online newsletter about news, offers and promotions in our activity.
  • The web page incorporates a link that facilitates access to the SEFAC e_XPERT Platform through which THE RESPONSIBILITY offers its services to the associates who have contracted it.


Depending on the form where we have obtained your personal data, we will treat them confidentially to achieve the following purposes:

In the Membership Registration form

  • Manage and process any type of request for information, including those aimed at becoming a member. Keeping members informed about the actions we carry out. Disclosure of activities. 
  • (by consent of the concerned person, 6.1.a GDPR).
  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the responsible party and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
    (by consent of the concerned person, 6.1.a GDPR).
  • Perform statistical analysis and market research.
    (for the legitimate interest of the responsible party, art. 6.1.f GDPR)


On social networks:

THE RESPONSIBLE, has the following profiles in the main Internet social networks: Twitter, LinkedIn, Instagram and Facebook.

THE RESPONSIBLE is recognized as responsible for the processing of data of its users, followers, or persons who make comments through the same. Also, in accordance with the Law of Services of the Information Society and Electronic Commerce. THE RESPONSIBLE disclaims any liability for comments from users and followers in their social networks. THE RESPONSIBLE may use the profiles described above to inform its users of topics that it considers of interest to them.

How long will we keep your personal data?

They will be kept for no longer than necessary to maintain the purpose of the processing or there are legal prescriptions that dictate their custody and when it is no longer necessary for that purpose, they will be deleted with appropriate security measures to ensure the anonymization of the data or the total destruction of the data.

To whom do we provide your personal data?

No communication of personal data to third parties is foreseen, except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the RESPONSIBLE has signed the confidentiality and data processor contracts required by the privacy regulations in force.

The RESPONSIBLE, tries to ensure the security of personal data when sending suppliers necessary for the development of the service. Third parties with whom the RESPONSIBLE contracts have the obligation to ensure that the information is treated in accordance with the data protection regulations in force.

In those cases where the law may require disclosure of personal data to public bodies or other parties, only that which is strictly necessary for the fulfillment of such legal obligations will be disclosed.

Who is responsible for the accuracy and veracity of the data provided?

THE RESPONSIBLE has adopted the security levels of protection of personal data legally required, and tries to install those additional technical means or measures at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of personal data provided to THE RESPONSIBLE. However, the user must be aware that Internet security measures are not impregnable.

Therefore, THE RESPONSIBLE is not responsible for hypothetical damages that may arise from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, caused by reasons beyond THE RESPONSIBLE control. The RESPONSIBLE shall not be liable for any damage caused by: delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties through illegitimate intromissions beyond the control of THE RESPONSIBLE.

Modification of privacy policy

This privacy policy is subject to change. We recommend that you review this privacy policy from time to time.

What are your rights?

The USER's rights are:

  • The right to withdraw consent at any time.
  • Right of access, rectification, portability and deletion of your data, and limitation or opposition to its processing.
  • The right to file a complaint with the supervisory authority (www.aepd.es) if you believe that the processing does not comply with the regulations in force.


Contact information to exercise your rights:

SOCIEDAD ESPAÑOLA DE FARMACIA CLÍNICA FAMILIAR Y COMUNITARIA. Paseo de las Delicias, 31 – Esc. Izq. 4º Dcha., - 28045 Madrid (Madrid). E-mail: dpo@sefac.org
Contact details of the data protection officer: Calle Laurel 10 Bajo A, 28005 MADRID - dpo@sefac.org


2. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER

USERS, by checking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary to fulfill their request, by the provider, being voluntary the inclusion of data in the remaining fields. The USER guarantees that the personal data provided to the RESPONSIBLE are truthful and is responsible for communicating any changes to them.

The RESPONSIBLE informs that all data requested through the website are mandatory, as they are necessary for the provision of optimal service to the USER. In the event that all the data is not provided, there is no guarantee that the information and services provided will be completely tailored to your needs.


3. SECURITY MEASURES

That in accordance with the provisions of the regulations in force on personal data protection, the RESPONSIBLE is complying with all the provisions of the GDPR and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

Therefore, the RESPONSIBLE is not responsible for hypothetical damages that may arise from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, caused by reasons beyond the control of the RESPONSIBLE. The LIABILITY OWNER shall not be liable for any damage caused by: delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as for damages that may be caused by third parties through illegitimate intromissions beyond the control of the LIABILITY OWNER.

The RESPONSIBLE guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the USERS and has communicated the appropriate information to them so that they can exercise them.

Security breaches

Security breaches can be caused by employees, third parties or computer errors. Therefore, we are legally obliged to notify data subjects if their personal data has been seriously affected within 72 hours. In addition, users will be notified as soon as the security breach is resolved.

For more information about privacy safeguards, you can contact the RESPONSIBLE person at SOCIEDAD ESPAÑOLA DE FARMACIA CLÍNICA FAMILIAR Y COMUNITARIA. Paseo de las Delicias, 31 – Esc. Izq. 4º Dcha., - 28045 Madrid (Madrid). E-mail: dpo@sefac.org
Data protection officer contact details: Calle Laurel 10 Bajo A, 28005 MADRID - dpo@sefac.org

4. SEFAC eXPERT

THE RESPONSIBLE PROVIDES a number of services through its private area: SEFAC eXPERT. Access to it requires obtaining the consent of the user through the privacy and cookies policies. In case of disagreement with this policy, you should refrain from using the SEFAC eXPERT Platform. In this case you can request both the cancellation of the service and the deletion of the registered user data.

The user is informed and accepts that access to the SEFAC eXPERT platform is necessary for the provision of the contracted service and, therefore, for the development of its relationship with the RESPONSIBLE. The use of the Platform implies consent to this Privacy Policy.

For the effective development of the service, and prior to the signature, we will need to process the data for different purposes:

The collection and automated processing of data that is carried out through the login form that allows access to the private area of the Platform for users of the RESPONSIBLE is collected for the purpose of accessing the private area account. This is a contractual purpose.

The website is fully informative about the legal documentation and/or other documents necessary for effective compliance with data protection regulations.

The website facilitates the management of the contractual relationship between THE RESPONSIBLE. and its users. Also, the website treats the data in order to facilitate communication between the RESPONSIBLE and the users of the application.

The data may also be processed to respond to requests for information on the aforementioned services.

The SEFAC eXPERT Platform, as well as the rest of the website, may include software components supplied by third parties that are used with the permission of the respective licensors and/or copyright holders under the terms provided by such parties. In this regard, the RESPONSIBLE informs you that it communicates data to external suppliers, such as data processors, for the performance of certain services.

You are responsible for maintaining the confidentiality of your password and account, and are fully responsible for all activities that occur under your password or account.

Despite having taken all security measures available to us, given the characteristics of technology and networks, the RESPONSIBLE can not guarantee zero risk in terms of hacking and theft of user data. Therefore, the user accepts this inherent risk, exonerating the RESPONSIBLE from any liability for possible damages arising from such risks.

In order to minimize possible damages, the user agrees to (a) inform the RESPONSIBLE immediately when he/she detects any unauthorized use of his/her password or account, as well as any security breach, and (b) ensure that he/she leaves the Platform once his/her session has ended. The RESPONSIBLE cannot, and will not, be liable for any loss or damage arising from failure to comply with these obligations.

The data entered in the Private Area will be kept for the duration of the relationship for the sole purpose of effectively managing compliance with the regulations subject to the terms and conditions. Information on user accesses, screens, user interaction, blocking and exceptions may also be processed for the purpose of introducing improvements in future versions of the Platform.

5. INTERNATIONAL DATA RECIPIENTS

The RESPONSIBLE does not carry out international data transfers.

In general, data is stored within the European Union (EU).

In order to ensure a sufficient level of protection in the event that they could be sent to third countries outside the EU, the RESPONSIBLE, will take sufficient technical and organizational measures either under Binding Corporate Rules (BCR). Where appropriate, other transfer mechanisms will be employed to safeguard your personal data. This could include the use of the new EU standard contractual clauses.

 

 

-

Manual for authors

Journal Information