PERSONAL DATA PROTECTION POLICY
1. Identification of the Data Controller
In compliance with the duty of information, the party responsible for managing your data is identified as follows:
Owner: EHSIC SAS (Virtual Surgical masterclass)
Tax ID (NIF/CIF): TAX ID. NO. FR23984451484
Address: 157, avenue des chênes rouges
30100 Ales
Contact Email:info@virtualsurgicalmasterclass.com
2. Purposes of Processing
Personal data provided through this commercial website will be processed for the following purposes:
Order Management: Processing purchases, shipping products, and invoicing.
Customer Service: Resolving doubts or inquiries sent through contact forms.
Commercial Communications: Sending offers and promotions about our products (provided the user has authorized this through a clear affirmative action).
Transfer to Third Parties: If you specifically consent, your data may be shared with collaborating companies for advertising purposes.
3. Legal Basis for Processing
The processing of your data is based on:
Performance of a Contract: To process your purchases and requested services.
Consent of the Data Subject: For sending advertising and transferring data to third parties. This consent must be specific and unequivocal for each separate purpose.
Legal Obligation: To comply with tax and consumer regulations.
4. Data Retention and Blocking
Data will be kept for as long as the commercial relationship lasts. Once ended, the controller will proceed to the blocking of the data.
Blocking consists of identifying and reserving the data, adopting technical and organizational measures to prevent its processing, except for making it available to judges, courts, the Public Prosecutor's Office, or competent Public Administrations for the purpose of addressing potential liabilities arising from the processing.
This blocking is limited to the statute of limitations period for such liabilities. Once this period has elapsed, the data must be destroyed.
5. User Rights (ARCO+ Rights)
You have the right to exercise control over your personal data through the following rights recognized by law:
Access: To know what data we have and how we use it.
Rectification: To correct inaccurate or incomplete data.
Erasure ("Right to be forgotten"): To request the deletion of your data when it is no longer necessary.
Objection: To object to specific processing, such as the sending of advertising.
Portability: To receive your data in a structured format to transmit it to another provider.
Restriction of Processing: To request the temporary suspension of the use of your data in specific cases.
To exercise these rights, you may send a free request accompanied by a copy of your identity document to [Insert Contact Email].
6. Security and Confidentiality
The controller and all persons involved in any phase of processing are subject to the duty of confidentiality, an obligation that remains even after the relationship with the company has ended. Necessary technical and organizational measures are applied to prevent the loss, alteration, or unauthorized access to the data.
7. Data of Minors
The processing of minors' personal data based on consent is only lawful if they are over fourteen years of age. For children under that age, the consent of the holder of parental authority or guardianship is strictly required