Privacy policy

Our Privacy Policy has been designed in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter GDPR EU 2016/679. Where not in conflict with this Regulation, it is also based on the provisions of Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights, hereinafter LOPDGDD 3/2018.

By providing us with their data, the customer and/or user declares that they have read and understood this Privacy Policy, giving their clear and explicit consent for the processing of their personal data in accordance with the purposes and terms set forth herein.

Controller:

Antonio Torres Ribas

Purpose:

To respond to information requests received, send quotations, and send commercial communications about our products via letter, telephone, email, SMS/MMS, WhatsApp, Telegram, or other equivalent electronic communication means, provided the data subject has consented to the processing of their personal data for this purpose.

Legal Basis:

Performance of a contract to which the data subject is party or in order to take pre-contractual measures at their request. Legitimate interest of the controller. Consent of the data subject.

Recipients:

No data will be transferred to third parties, except under legal obligation.

Rights:

You have the right to access, rectify, and erase your data, as well as other rights detailed in the additional information, which you may exercise by contacting the data controller at meduclean@gmail.com

Additional Information:

You can consult additional and detailed information on Data Protection in the annexed clauses available at https://meduclean.com/privacy-policy/

Identity:

Antonio Torres Ribas

N.I.F.:

46955925E

Address:

Camino Benimussa, 32 - 07820 Sant Antoni de Portmany-Ibiza (Baleares)

Phone:

(+34) 722 85 54 75

Email address:

meduclean@gmail.com

For the purposes outlined in the previous section, we process a set of client data that can be divided into the following sources and categories:

a) Data directly provided by the client and/or user:

data provided directly by the client and/or user, either at the time of requesting the service through the completion of electronic or paper forms specifically designed for this purpose, as well as data provided throughout the contractual relationship via various means such as information requests or submitted claims. The client and/or user is responsible for the accuracy and updating of this information.

b) Data obtained from sources other than the client and/or user:

data obtained from sources other than the client and/or user, either with their consent or under any other legal authorization (legitimate interest, compliance with a legal obligation, etc.

c) Data derived from the development of the commercial relationship:

data indirectly provided by the client and/or user as a result of the provision of the contracted service and the maintenance of this activity. This category includes traffic data, browsing data through the public website or access to the private area, and other similar types of data.

We inform you that the personal data obtained from the client and/or user as a result of completing the electronic forms available on the WEBSITE are part of the Record of Processing Activities (RPA) of the DATA CONTROLLER. This record will be periodically updated in accordance with the provisions of the EU GDPR 2016/679 and the LOPDGDD 3/2018.

The personal data of data subjects will be communicated to the following recipients:

a) In general:

Service providers of the DATA CONTROLLER, acting as data processors, within the framework of the relevant service provision (lawyers, accounting, tax, and labor advisors, consultants, and IT service providers—such as website hosting and email services).

Competent authorities and public bodies, as necessary for compliance with legal obligations.

Regarding the "Contact Form" and other inquiries (those sent through the email accounts listed on the WEBSITE):

Data will not be disclosed to third parties, except where legally required.

Google LLC, the provider of the Gmail email service, based on the adequacy decision of the EU-U.S. Data Privacy Framework.

No data transfers to third countries without an adequate level of protection are planned.

b) Data derived from the development of the commercial relationship:

data indirectly provided by the client and/or user as a result of the provision of the contracted service and the maintenance of this activity. This includes traffic data, browsing data through the public website, access to the private area, or other data of a similar nature.

Personal data will be retained as follows:

a) In general:

Data will be kept as long as the client or user does not request its deletion and, in any case, for the number of years necessary to comply with legal obligations.

b) Regarding the “Contact Form” and other inquiries (those sent through the email accounts listed on the WEBSITE):

Personal data will be kept until the end of the relationship between the DATA CONTROLLER and the client and/or user, unless the client/user requests their deletion beforehand, or until the data subject withdraws the consent previously given, without this affecting the legality of the processing based on consent prior to its withdrawal.

For these purposes, the data subject is reminded that they must notify the DATA CONTROLLER, as the recipient of the personal data, of any correction or deletion of data relating to their representatives, authorized persons, and other contacts.

Once the relationship has ended, insofar as the personal data of the data subjects are relevant to the responsibilities of the DATA CONTROLLER toward clients and/or users, such data will be retained, properly blocked, and made available to judicial authorities or competent public administrations for the enforcement of liabilities arising from the processing for the period of prescription of those liabilities.

Clients and/or users of the WEBSITE may exercise, where applicable, the following rights before the DATA CONTROLLER: access to personal data, rectification, deletion (right to be forgotten), restriction of processing, data portability, objection to processing and not to be subject to automated individual decisions, and, when processing is based on consent, the right to withdraw it at any time.

Clients and/or users may exercise these rights by submitting a written and signed request to the postal address of the DATA CONTROLLER at Camino Benimussa, 32 - 07820 Sant Antoni de Portmany-Ibiza (Baleares), or via email to meduclean@gmail.com, attaching in both cases valid proof of identity (such as a copy of the DNI/NIE or equivalent document) and clearly indicating the right they wish to exercise.

Clients and/or users also have the right to file a complaint with the competent supervisory authority (Spanish Data Protection Agency) if they consider that the processing does not comply with current regulations or that their rights regarding personal data protection have been violated, especially if they have not obtained satisfaction in exercising their rights, through the website https://www.aepd.es.

These rights will be attended to by the DATA CONTROLLER within 1 month, which may be extended by 2 months if the complexity of the request or the number of requests so requires. This is without prejudice to the duty to retain certain data under legal terms and until any liabilities arising from processing or, where applicable, a contractual relationship have expired.

Additionally, in relation to data protection regulations, users may request to organize the destiny of their data after their death.

In compliance with the provisions of the Second Final Provision of Law 9/2014, of May 9, on Telecommunications, which modifies Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, commercial communications sent electronically must be clearly identifiable as such, and the natural or legal person on whose behalf they are made must also be clearly identifiable, without prejudice to the regulations issued by the Autonomous Communities with exclusive competence over consumer matters.

The client and/or user who provides their contact details to the DATA CONTROLLER by clicking the “SEND” button on the electronic personal data collection forms available on the website and who affirmatively checks the two consent boxes—“I accept the processing of my data according to the purposes indicated in the basic data protection information” and “I give my consent to receive commercial communications about your services”—expressly and freely grants their unequivocal consent to the DATA CONTROLLER to process their personal data for the purpose of sending commercial communications about its services via letter, telephone, email, SMS/MMS, WhatsApp, Telegram, or other equivalent electronic communication means.

The legal basis legitimizing this processing is the consent of the data subject, which may be revoked at any time.

In accordance with Articles 21 and 22 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, the user may object to the processing of their data for promotional purposes and revoke the consent given to receive commercial communications by email simply by notifying the DATA CONTROLLER through an easy and free procedure, consisting of sending an email to meduclean@gmail.com, with the subject line “UNSUBSCRIBE” or “DO NOT SEND”.

The data provided will be retained as long as the commercial relationship is maintained or for the years necessary to comply with legal obligations.

The DATA CONTROLLER maintains profiles on the following social media platforms:

• Instagram: https://www.instagram.com/meduclean/
• YouTube: https://www.youtube.com/@meduclean

In this context, the DATA CONTROLLER is considered responsible for the processing of data from its users—meaning followers, subscribers, fans, or simply individuals who comment or make inquiries via these platforms.

Accordingly, the DATA CONTROLLER may use these profiles to share news deemed relevant to the services provided, or to share information or current articles published by other users on social media.

Under no circumstances will the DATA CONTROLLER use users' personal information for purposes beyond those expected within the mentioned social networks, and, where applicable, will seek the user's consent.

The client and/or user is responsible for ensuring that the information provided through the electronic forms available on the WEBSITE or via email messages sent to any email accounts under the domain meduclean.com is truthful. The user is accountable for the accuracy of all data submitted and agrees to keep such information updated so that it reflects their actual situation. They are also responsible for any false or inaccurate information provided and for any damages, inconveniences, or issues that such data might cause to the DATA CONTROLLER or third parties.

The website's servers may automatically detect the IP address and domain name used by the user.

An IP address is a number automatically assigned to a computer when it connects to the internet. All this information is recorded in a server activity log, which allows for the subsequent processing of data for the sole purpose of obtaining statistical measurements—such as the number of page views, the number of visits to the web services, the sequence of visits, point of access, etc.

The DATA CONTROLLER ensures that appropriate technical and organizational policies have been implemented on the WEBSITE to enforce the security measures required under EU Regulation 2016/679 (GDPR) and the Spanish Data Protection Act (LOPDGDD 3/2018), with the aim of protecting the rights and freedoms of clients and/or users and has provided them with the necessary information to exercise those rights.

To safeguard individual rights—particularly in relation to automated processing—and to maintain transparency, the DATA CONTROLLER has implemented a policy covering all such processing, the purposes pursued, the legal basis for such processing, and the tools available to users to exercise their rights. The WEBSITE is built using HTML, CSS, and other operating systems. It has an SSL encryption certificate enabled across the entire domain and uses Google's reCAPTCHA to detect traffic from automated programs or bots. This ensures secure transmission of personal data submitted through the website's electronic data collection forms.

The WEBSITE is hosted on servers provided by Webempresa Europa, S.L., with registered office at C/ Almagro 11, 6º 7ª - 28010 Madrid. The assigned IP address falls within the European range.

El SITIO WEB está alojado en los servidores que Webempresa Europa, S.L. con domicilio social en C/ Almagro 11, 6º 7ª – 28010 Madrid, ofrece al RESPONSABLE DEL TRATAMIENTO, siendo la dirección IP asignada de rango europeo.

All information is stored and managed with appropriate confidentiality measures, applying necessary IT security safeguards to prevent unauthorized access or misuse of the data, as well as to avoid data manipulation, damage, or loss.

However, clients and/or users must bear in mind that no computer system can be guaranteed to be entirely secure. When personal data is transmitted over the internet, it may be collected without consent and processed by unauthorized third parties. The DATA CONTROLLER accepts no responsibility for any consequences arising from such actions if the user voluntarily disclosed the information.

El cliente y/o usuario declara haber sido informado de las condiciones sobre protección de datos personales, aceptando y consintiendo el tratamiento automatizado de los mismos por parte del RESPONSABLE DEL TRATAMIENTO en la forma y para las finalidades indicadas en la presente Política de Privacidad. Ciertos servicios prestados en el SITIO WEB pueden contener condiciones particulares con previsiones específicas en materia de protección de datos personales.

The DATA CONTROLLER reserves the right to modify this Privacy Policy to adapt it to legislative or jurisprudential developments, interpretations by the Spanish Data Protection Agency, or industry practices.

In such cases, the DATA CONTROLLER will announce the changes made on the website(s) with reasonable notice prior to their implementation.

This Privacy Policy may be supplemented by the Legal Notice, Cookies Policy, and the General Terms and Conditions of Contracting that may apply to specific products or services, where access to them involves particular considerations regarding the protection of personal data.