Privacy Policy

This privacy policy explains how Villarreal Clinic collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Spanish law.

Data Controller

[CLINIC LEGAL NAME] — [FULL ADDRESS] — Email: [EMAIL] — CIF/NIF: [CIF/NIF]

Data Collected

We collect the following personal data: full name, date of birth, national identity number (DNI/NIE/Passport), gender, nationality, and contact details (email, phone). Medical information necessary for your treatment may also be collected.

Purpose of Processing

Your data is processed for the following purposes: patient file management, appointment scheduling, medical follow-up, and administrative management of the clinic.

Legal Basis

The processing of your health data is based on your explicit consent (Art. 9(2)(a) GDPR) and the provision of healthcare services (Art. 9(2)(h) GDPR).

Data Retention

Your medical records are retained for a minimum of 5 years in accordance with Spanish healthcare legislation. Administrative data is retained for the legally required period.

Your Rights

You have the right to access, rectify, erase, restrict processing, data portability, and object to the processing of your personal data. To exercise these rights, please contact us at: [EMAIL]

Contact

For any questions regarding this privacy policy or the processing of your personal data, please contact us at: [EMAIL]