Privacy Policy

Last Version: February 1, 2024

1.- INTRODUCTION

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our application ("the APP") and the choices you have associated with that data in compliance with the General Data Protection Regulation (GDPR) (Regulation 2016/679).

2.- DEVELOPER AND DATA CONTROLLER

The APP has been developed by INDALOFTAL S. L. (the DEVELOPER)
Avenida de Bobar Nº 1, block4 – 6th Spain
Website: https://www.qvisionacademy.com/
Email: [email protected]
Phone number: 950 21 71 71. The DEVELOPER acts as the Owner of any possible personal data collected.

3.- TYPES OF DATA COLLECTED

IOLEvidence is an APP for disseminating knowledge about intraocular lenses. The APP does not collect any type of personal data that could identify the USER. It also does not use any features of your device that could be related to your location.

3.1.- MODALITY AND PLACE OF PROCESSING OF THE COLLECTED DATA

3.1.1.- Processing Modalities

The DEVELOPER will process the USERS' Data appropriately and will adopt the necessary security measures to prevent unauthorized access, disclosure, alteration, or destruction of the Data. The Data processing will be carried out using computers and/or IT tools, following procedures and organizational modalities strictly related to the indicated purposes. In addition to the DEVELOPER, in some cases, certain categories of authorized persons involved in the operation of this APP (administration, sales, marketing, legal department, and system administration) or external contractors providing services to the DEVELOPER (such as external technical service providers, courier companies, hosting companies, IT companies, communication agencies) may have access to the Data, and will be appointed by the DEVELOPER as Data Processors, if necessary. An updated list of these parties may be requested from the DEVELOPER at any time.

3.1.2.- Legal Basis for Processing

The DEVELOPER may process the USERS' Personal Data if one of the following conditions is met:

  1. When the USERS have given their consent for one or more specific purposes. Notice: Under various different legislations, the DEVELOPER may be authorized to process Personal Data until the USER objects to it (“opt-out”) without relying on consent or any other legal basis. However, this will not apply when the processing of Personal Data is subject to European data protection laws;
  2. When the collection of Data is necessary for the performance of a contract between the USER and/or any other pre-contractual obligations thereof;
  3. When processing is necessary for compliance with a legal obligation to which the USER is subject;
  4. When processing is related to a task carried out in the public interest or in the exercise of official authority vested in the DEVELOPER;
  5. When processing is necessary for the purposes of a legitimate interest pursued by the DEVELOPER or a third party.

In any case, the DEVELOPER is at your disposal to clarify the specific legal bases that apply to the processing, and in particular, whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

3.1.3.- Place

The Data is processed at the DEVELOPER's operating offices and in any other places where the parties involved in the processing are located. Depending on the USER's location, Data transfers may involve transferring the USER's Data to a country other than their own. To find out more about the place of processing of such transferred Data, USERS can check the section containing details on the processing of Personal Data. USERS are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the DEVELOPER to safeguard their Data. If any such transfer takes place, USERS can find out more by checking the relevant sections of this document or inquire with the DEVELOPER using the contact information provided in the contact section.

3.1.4.- Retention period

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:

  • Personal Data collected for the purposes of the DEVELOPER’s performance of a contract with the USER shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the DEVELOPER’s legitimate interests shall be retained as long as needed to fulfill such purposes. USERS may find specific information regarding the legitimate interests pursued by the DEVELOPER within the relevant sections of this document or by contacting the DEVELOPER.

The DEVELOPER may be allowed to retain Personal Data for a longer period whenever the USER has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the DEVELOPER may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

4.- PURPOSES OF COLLECTED DATA

The Data concerning the USER is collected to allow the DEVELOPER to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its USERS or third parties), detect any malicious or fraudulent activity, as well as the following purposes: Contact management and message sending, and Statistics. USERS can find specific information regarding personal data used for each purpose in the section “Detailed information on the Processing of Personal Data”.

4.1.- Detailed Information on the Processing of Data

The APP only collects the following Anonymized data required by third parties to offer certain services as detailed below:

Push Notifications:

  • Data processed: Firebase installation ID
  • Place of processing: Any of the Google Cloud Platform locations or Google data centers
  • Category of personal data collected under the CCPA: Internet or other electronic network activity information.
  • Purpose of data use: We use the "Firebase Messaging" service to send notifications to the USER, if they have expressly approved the receipt of notifications. Firebase In-App Messaging uses Firebase installation IDs to determine which devices to send messages to. These Firebase installation IDs do NOT personally identify the USER. Firebase installation IDs are different for each app installation. Different applications on the same device have different Firebase installation IDs. Firebase installation IDs identify the installations and the app data linked to those installations.
  • User’s Right to Modify or Delete Data: Deleting and reinstalling all the DEVELOPER's applications on your device will generate a new identifier and cut any connection with the old one.
  • You can consult the privacy policy of Firebase Messaging at this link: https://firebase.google.com/support/privacy

App Usage Analytics:

  • Data processed : IdentifierForVendor
  • Place of processing: Germany
  • Category of personal data collected under the CCPA: Internet or other electronic network activity information.
  • Purpose of data use: We use the "TelemetryDeck" service to store the USER's behavior within the App. This allows us to detect and identify improvements to be made in the App. TelemetryDeck uses Apple's "IdentifierForVendor" API to ensure the USER's privacy. The identifier generated with this method is not linked to any identifiable information or private data of the USER.
  • User’s Right to Modify or Delete Data: Deleting and reinstalling all the DEVELOPER's applications on your device will generate a new identifier and cut any connection with the old one.
  • You can consult the privacy policy of Telemetry Deck at this link: https://telemetrydeck.com/privacy/

5.- USER RIGHTS

USERS may exercise certain rights regarding their Data processed by the DEVELOPER. Specifically, USERS have the right to do the following:

  • Withdraw their consent at any time. USERS have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of their Data. USERS have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the relevant section below.
  • Access their Data. USERS have the right to learn if Data is being processed by the DEVELOPER, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. USERS have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. USERS have the right, under certain circumstances, to restrict the processing of their Data. In this case, the DEVELOPER will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. USERS have the right, under certain circumstances, to obtain the erasure of their Data from the DEVELOPER.
  • Receive their Data and have it transferred to another controller. USERS have the right to receive their Data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the USER's consent, on a contract which the USER is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. USERS have the right to bring a claim before their competent data protection authority.

5.1.- Details about the right to object to processing

Where the processing of Personal Data is for a public interest, in the exercise of official authority vested in the DEVELOPER or due to a legitimate interest of the DEVELOPER, USERS may object to such processing by providing a reason related to their particular situation to justify their objection. USERS should know, however, that if their Personal Data is processed for commercial purposes, they can object to such processing at any time without providing a justification. To find out if the USERS' Personal Data is being processed by the DEVELOPER for commercial purposes, they should consult the relevant sections of this document.

5.2.- How to exercise these rights

Any request to exercise the USER's rights can be directed to the DEVELOPER through the contact details provided in this document. Such requests will be processed by the DEVELOPER free of charge as soon as possible and always within one month.

5.3.- Additional information on the collection and processing of Data

5.3.1.- Legal defense

The USER's Personal Data may be used for the legal defense of the DEVELOPER before a court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The USER acknowledges that the DEVELOPER may be required by public authorities to disclose Personal Data.

5.3.2.- Additional information about the USER's Personal Data

In addition to the information contained in this privacy policy, this Application may provide the USER with additional and contextual information concerning particular Services or the collection and processing of Personal Data.

5.3.3.- Information not contained in this privacy policy

Further information regarding the collection and processing of Personal Data may be requested from the DEVELOPER at any time. The contact information is indicated at the beginning of this document.

5.3.4.- Modification of this privacy policy

The DEVELOPER reserves the right to make changes to this privacy policy at any time by notifying USERS through this page and, if possible, through this Site and/or technically and legally possible by directly notifying USERS, in case the DEVELOPER has the necessary contact information for this purpose. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom of the page. If the changes affect processing activities performed on the basis of the USER's consent, the DEVELOPER shall, if necessary, obtain a new consent from the USER.

6.- DEFINITIONS AND LEGAL REFERENCES

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification of a natural person.

Usage Data

Information collected automatically by this Application (or third-party services employed by this Application)

The USER

The individual using this Application and who is the subject of the Personal Data.

Data Processor (or Data Supervisor)

The natural or legal person, public administration, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or DEVELOPER)

The natural or legal person, public administration, agency or other body, acting alone or jointly with others, which determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. Unless otherwise specified, the Data Controller is the DEVELOPER of this Application.

This Application

The means by which the Personal Data of the USER is collected and processed.

Service

The service provided by this Application as described in the legal definitions and references (if available) and on this page or application.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Legal information

This privacy policy is drafted based on provisions of multiple legislations, including Arts. 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy only refers to this Application, unless stated otherwise within this document.

7.- PREVALENCE OF THE ORIGINAL TEXT

This document may be a translation of the ORIGINAL privacy policy, which has been drafted in Spanish. Although efforts have been made to ensure the accuracy of this translation, in the event of any conflict, ambiguity, or discrepancy in interpretation between this version and the original Spanish version, the Spanish text shall always prevail. The original Spanish version can be found at "https://www.qvisionacademy.com/articles/iolevidence-privacy-policy-spanish" and is considered the official and binding version of the privacy policy. This translation is provided only for informational and convenience purposes for users who do not speak Spanish.

By accepting the terms and conditions of the APP, the USER acknowledges and agrees that they have had the opportunity to review both the Spanish version and this translation, and that their acceptance is based on their understanding of the License Agreement in the original Spanish version.