Privacy Policy

Who is the controller of your personal data?
Data Controller: Ephion Health SL (“Controller”)
Tax Identification Code (NIF):  B16776411
Address: Av. Universitat Autònoma nº 23. Parc Tecnològic del Vallès, 08290 Cerdanyola del Vallès, Barcelona, Spain
email address:
Telephone number: +34 634270335

Why do we process your personal data?
The Controller process the data provided in the contact form solely and exclusively be used to answer the Users’ queries. There could be forms on our website that collect users’ data for specific purposes. In these cases, this will be subject to the specific terms and conditions in each case. The data obtained by the cookies installed, shall be treated for the purposes detailed at the Cookies Policy, and are subjected to the User’s consent. However, there are cookies that are strictly necessary for the web functions, that one’s do not require User’s consent. You may obtain further information consulting the Cookies Policy.

Is it compulsory to provide all the information requested in the forms on the website? Regarding the form on the website, User’s must complete the spaces marked “compulsory”. If they do not complete the required personal data or only partially provide them this could mean that the Controller is unable to deal with their requests and therefore, the Controller, will be exonerated from all liability for not rendering or not fully rendering the requested services. The personal data that Users provide to the Controller must be current data so that the information in our records is up-to-date and error-free. Users will be heldliable for the data provided being true.

How long will we keep your personal data?
The personal data will be kept while the purposes lasts for which they were provided and their deletion or cancelation has not been requested.

What is the legal basis for processing users’ personal data?
The legal basis for processing personal data is the consent granted by accepting the personal data processing clause.

To whom will users’ data be disclosed?
Data will not be disclosed to third parties unless there is a legal obligation to do so. If there is any intention to disclose them, the authorisation of the data subjects will be obtained beforehand.

What are users’ rights regarding their personal data?
Users may exercise their right of access to their personal data and to request rectification of any incorrect data or, if need be, request deletion when the data are no longer necessary for the purposes for which they were obtained. They may also request restriction, portability and objection to their data being processed under certain circumstances and for reasons related to their particular situation. They are also entitled to withdraw their consent at any time without this retroactively affecting the personal data processing carriedout up to such time. Users may exercise their aforementioned rights, according to the terms and conditions inthe law in force, at the Controller’s registered office of or by submitting therequest by email to If the Users do not obtain a satisfactory reply and wish to file a claim or obtain further information about any of these rights, they may contact the Spanish Data Protection Agency ( – C/ Jorge Juan, 6 in Madrid, Spain).

Which security measures has the company implemented?
The Controller hereby informs to Users that it has implemented the required technical and organisational security measures to ensure the security of users’ personal data and prevent their alteration, loss, unauthorised processing and/or access according to the state of the art, the nature of the data stored and the risks to which they are exposed, whether due to a human action or physical or natural media, according to the provisions in the regulations in force.

Social media
The Controller may have profiles on different social media websites in order to advertise and publish information about the services it renders through its website, to interact with the users and to use these networks as a channel for social encounters and interaction. We provide links below to the privacy policies of the social media websites where the Controller may have an active profile: