At ESPAI SYNAPTIC LAB S.L. we work to offer you the best possible experience through our products and services. In some cases, it is necessary to collect information to achieve this. We care about your privacy and we believe that we must be transparent about it.

Therefore, and for the purposes of the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (hereinafter “GDPR”) on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and the LAW 34/2002, of July 11, 2002, of Services of the Information Society and Electronic Commerce (hereinafter, “LSSI”), ESPAI SYNAPTIC LAB S.L. informs the user that, as data controller, will incorporate the personal data provided by users in an automated file.

Our commitment starts by explaining the following to you:

-We collect your data to improve the user experience by addressing your interests and needs.

-We are transparent about what data we collect about you and why we collect it.

Our intention is to provide you with the best possible experience. Therefore, when we use your personal information, we will always do so in a compliant manner, and where necessary, we will ask for your consent.

We understand that your information belongs to you. Therefore, if you choose not to give us permission to process it, you can ask us to stop processing it.

Our priority is to ensure your security and to process your data in accordance with EU law.

For more information on how we process your data, please see the different sections of the privacy policy below:

Who is the controller for the processing of your personal data?

Identity: ESPAI SYNAPTIC LAB S.L.

Registered office: Carrer Galileu, 165, 3r 1a

C.I.F. nº: B42755876

Email: [email protected]

CLINICA SYNAPTICA has appointed a Data Protection Officer or an internal contact person within its organization. If you wish to make an inquiry regarding the processing of your personal data, you can contact them at [email protected]

What personal data do we collect?

The personal data that the user may provide:

Name, address and born date.

Telephone number and email address.

Location.

Payments and deliveries information.

IP address, date and time in which you access to our services, browser and data about the operating system of your device.

Any other information or data that you decide to share with us.

Most of the personal information we process is provided to us directly by you. In some cases, it is obligatory to fill in a form to access certain services. Not providing the personal data requested or not accepting this data protection policy means the impossibility of navigating the website.

Why do we process your data and for what purposes?

At CLINICA SYNAPTICA, we process the information provided by interested individuals for the following purposes:

Managing orders or contracting any of our services, whether online or at physical stores.

Managing the sending of requested information.

Developing commercial actions and carrying out the maintenance and management of the relationship with the user, as well as managing the services offered through the website and information tasks. This may include automated assessments, obtaining profiles, and customer segmentation tasks in order to personalize treatment according to their characteristics and needs and improve the customer’s online experience.

Developing and managing contests, sweepstakes, or other promotional activities that may be organized.

In some cases, it will be necessary to provide information to authorities or third parties for audit purposes, as well as handling personal data from invoices, contracts, and documents to respond to customer claims or those of public administrations.

We inform you that the personal data obtained as a result of your registration as a user

will be part of the Register of Activities and Processing Operations (RAT), which will be periodically updated in accordance with the provisions established in the GDPR.

What is the legal basis for processing your data?

The processing of your data may be based on the following legal grounds:

Consent of the data subject for contracting services and products, through contact forms, information requests, or subscription to e-newsletters.

Legitimate interest in processing data of our clients for direct marketing activities, and explicit consent of the data subject regarding automated evaluations and profiling.

Compliance with legal obligations for fraud prevention, communication with public authorities, and third-party claims.

How long do we keep your personal data for?

The processing of the data for the purposes described will be maintained for the time necessary to meet the purpose of their collection, as well as for compliance with legal obligations arising from the processing of data. Without prejudice to the fact that conservation is necessary for the formulation, exercise or defence of potential claims and/or whenever permitted by applicable legislation. ESPAI SYNAPTIC LAB S.L. undertakes to cease the processing of personal data at the end of the storage period and to block them in our databases.

To which recipients is your data communicated?

In general,ESPAI SYNAPTIC LAB S.L. will not transfer personal data to third parties, except in those situations where such data may be transferred to other collaborators who provide services to ESPAI SYNAPTIC LAB S.L., for the purpose of managing the provision of these services. Likewise, any transfer, will be informed to the data subject through the consent clauses established by data protection regulations. However, your data will never be sold to third parties. External service providers (for example, payment providers or delivery companies that CLINICA SYNAPTICA works with) may use the data to provide the corresponding services. However, they will not use the information for their own purposes or transfer it to third parties.

CLINICA SYNAPTICA strives to guarantee the security of personal data when they are sent outside the company and ensures that third-party service providers respect confidentiality and have adequate measures to protect personal data. These third parties are obligated to ensure that the information is processed in accordance with data privacy regulations.

In some cases, the law may require disclosing personal data to public bodies or other parties, but only the strictly necessary information will be disclosed for compliance with these legal obligations.

The personal data obtained may also be shared with other companies within the group.

Where are your data stored?

As a general rule, data is stored within the EU. Data sent to third parties that do not belong to the EU will ensure an adequate level of protection, either through Binding Corporate Rules (BCR) or adherence to the “Privacy Shield”.

What rights do you have and how can you exercise them?

You can direct your communications and exercise your rights by sending a request to the following email: [email protected].

Under the GDPR, you can request:

Right of access: you can request information about the personal data we have about you.

Right of rectification: you can communicate any changes to your personal data.

Right to erasure and to be forgotten: you can request the deletion, prior blocking, of personal data.

Right to restriction of processing: it involves restricting the processing of personal data.

Right to object: you can withdraw consent for the processing of data, objecting to their further processing.

Right to data portability: in some cases, you can request a copy of personal data in a structured, commonly used, and machine-readable format for transmission to another controller.

Right not to be subject to automated individual decision-making: you can request that decisions not be based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

In some cases, the request may be denied if you request the deletion of data necessary for compliance with legal obligations.

Likewise, if you have any complaints about the processing of data, you can file a complaint with the data protection authority.

Who is responsible for the accuracy and truthfulness of the provided data?

The user is solely responsible for the accuracy and correctness of the included data, releasing CLINICA SYNAPTICA from any liability in this regard. Users guarantee and respond, in any case, to the accuracy, validity, and authenticity of the provided personal data, and undertake to keep it duly updated. The user agrees to provide complete and correct information in the registration or subscription form. CLINICA SYNAPTICA reserves the right to terminate contracted services with users if the data provided are false, incomplete, inaccurate, or not up-to-date.

CLINICA SYNAPTICA is not responsible for the accuracy of information not of its own production and from sources other than its own, therefore it also assumes no responsibility for any hypothetical damages that may arise from the use of such information.

CLINICA SYNAPTICA reserves the right to update, modify, or delete the information contained on its web pages, and may even limit or deny access to this information. CLINICA SYNAPTICA is not responsible for any damage or harm that the user may suffer as a result of errors, defects, or omissions in the information provided by CLINICA SYNAPTICA, provided that they originate from sources external to it.

Likewise, the user certifies that they are over 14 years of age and possess the legal capacity necessary to provide consent regarding the processing of their personal data.

How do we treat the personal data of minors?

In principle, our services are not specifically aimed at minors. However, in the event that any of them are directed at minors under fourteen years of age, in accordance with Article 8 of the GDPR and Article 7 of the LO 3/2018, of December 5 (LOPDGDD), CLINICA SYNAPTICA will require valid, free, unequivocal, specific, and informed consent from the legal guardians to process the personal data of minors. In this case, the ID card or another form of identification of the person providing consent will be required.

In the case of minors over fourteen years of age, data processing may proceed with the consent of the user, except in cases where the Law requires the assistance of the holders of parental authority or guardianship.

What security measures do we apply to protect your personal data?

CLINICA SYNAPTICA has adopted the levels of security for the protection of personal data legally required, and seeks to install other additional technical means and measures within its reach to prevent the loss, misuse, alteration, unauthorized access, and theft of the personal data provided to CLINICA SYNAPTICA.

CLINICA SYNAPTICA is not responsible for hypothetical damages or harm that may derive from interferences, omissions, interruptions, computer viruses, telephone faults, or disconnections in the operational functioning of this electronic system, motivated by causes outside of CLINICA SYNAPTICA’s control; delays or blockages in the use of this electronic system caused by deficiencies or overloads in telephone lines or overloads in the Data Processing Center, the Internet system, or other electronic systems, as well as damages that may be caused by third parties through illegitimate intrusions beyond the control of CLINICA SYNAPTICA. However, the user must be aware that Internet security measures are not impregnable.

Links to other websites

The website www.clinicasynaptica.com may contain links to other websites. By clicking on any of these links and accessing an external website, the visit will be subject to the privacy policy of that website, with CLINICA SYNAPTICA being dissociated from any responsibility regarding its privacy policy.

How do we use cookies?

The CLINICA SYNAPTICA website uses cookies to optimize and personalize your navigation through it. Cookies are physical information files that are stored on the user’s terminal; the information collected through cookies serves to facilitate the user’s navigation of the portal and optimize the browsing experience. The data collected through cookies may be shared with their creators, but under no circumstances will the information obtained through them be associated with personal data or data that can identify the user.

However, if the user does not wish for cookies to be installed on their hard drive, they have the option to configure their browser to prevent the installation of these files. For more information, please consult our Cookie Policy at https://www.clinicasynaptica.com/ca/cat-politica-de-cookies/

Can the privacy policy be modified?

This privacy policy may be modified. We recommend that you review the privacy policy periodically.