Privacy Policy

The purpose of this policy is to inform data subjects about the various processing carried out by this organization through the website and affecting their personal data in accordance with the provisions of Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

  1. IDENTIFICATION AND CONTACT DETAILS OF THE DATA CONTROLLER

The organization DNA GENICS Limited Society domiciled at Paseo de la Castellana 81, p15, 28046 (Madrid) and Avd. De la Industria 16 , 28760 Tres Cantos (Madrid), Europe and email: info@dnagenics.com

  1. PURPOSE OF THE PROCESSING OF YOUR PERSONAL DATA

USERS/NAVIGATORS:

  • We will process your personal data provided through our web forms to:
  • To attend to requests, complaints and incidents transferred through our contact channels incorporated in the website.
  • Understand the behavior of the user within the web in order to detect possible computer attacks on our website.
  • Comply with legal obligations that are directly applicable to us and regulate our activity.
  • To protect and exercise our rights or to respond to claims of any kind.
  • Where applicable, sending commercial communications regarding the goods or services that make up our activity and / or news or newsletters related to our sector. Your refusal to provide us with the authorization will imply the impossibility of sending you information from the entity.
  • If applicable, to manage your participation in contests and special offers that the entity carries out. Your refusal to provide us with authorization will make it impossible for you to participate.
  • If applicable, to send satisfaction and/or quality surveys. Your refusal to provide us with the authorization will imply the impossibility to evaluate the service provided.
  • Manage your registration on the entity's web platform and generate a username and password. Your refusal to provide us with authorization will make it impossible for us to register you on the platform.
  • Manage, monitor and supervise your activity on the blog/forum. Your refusal to provide us with authorization will make it impossible for you to participate.

CLIENTS

We will process your personal data provided through our web forms for:

  • The management of the business relationship.
  • Provide the services you have contracted through this website.
  • The execution of precontractual measures in which you participate in case you have purchased or contracted our goods or services.
  • Carry out all the necessary steps in order to ensure the reception of the purchased product through this website.
  • Administrative, accounting and tax management of the relationship established with our clients when they have hired us.
  • To attend to requests, complaints and incidents transferred through our contact channels incorporated in the website.
  • To understand the behavior of the navigator within the web in order to detect possible computer attacks on our web.
  • Comply with legal obligations that are directly applicable to us and regulate our activity.
  • To manage your data and to facilitate them, if necessary, to external suppliers for the proper functioning of our business.
  • To protect and exercise our rights or to respond to claims of anykind.
  1. LAWFULNESS OF PROCESSING
  • USERS/WEBSITE VISITORS
    • In the consent you have given us to process your data for the purposes indicated. The refusal to provide your personal data will result in the impossibility of processing your data for the aforementioned purposes.
    • To comply with the legal obligations that apply to us. In this case, the data subject may not refuse to process personal data.
    • In our legitimate interest to protect our image, business and company’s history avoiding attacks on our website. In this case, the data subject may not refuse to process personal data, although data protection rights recognized in the eighth section of this policy may be exercised.

CLIENTS:

Execution of a contract in which it is part or application of pre-contractual means. The refusal to provide your personal data will make it impossible to process your data for the aforementioned purposes.

In the consent that you have given us to process your data for purposes other than the development or execution of the existing contract. The refusal to provide your personal data will make it impossible to process your data for the aforementioned purposes.

To comply with the legal obligations that apply to us. In this case, the interested party may not refuse the processing of personal data.

In our legitimate interest to protect our image, business and trajectory by avoiding attacks on our website. In this case, the interested party may not refuse the processing of personal data, although they may exercise, where appropriate, the rights recognized in the eighth section of this policy.

What data do we collect?

DNA Genics collects the following data:

  • Personal identification information (Name, email address)
  • Genomic data from others DNA companies
  • DNA matches list in text files format

How do we collect your data?

You directly provide DNA GENICS with most of the data we collect. We collect data and process data when you:

  • Register online or place an order for any of our products or services.
  • Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
  • Use or view our website via your browser’s cookies.
  • Upload your genetic data in the accept formats.

How will we use your data?

DNA Genics collects your data so that we can:

  • Process your DNA and relatives match for generating reports
  • Process your order and manage your account.
  • Email you with special offers on other products and services we think you might like.

We do not share your genomic data or reports with any other company. This data is anonymized and does not contain your name or your email address.

How do we store your data?

DNAGENICS securely stores your data at Microsoft Azure cloud environment, following standard security measures. The data is stored in a European data center provisioned by Microsoft Corp.

  1. WEBSITE TOOLS
  • CAPTCHA/reCAPTCHA

We use the Google CAPTCHA/reCAPTCHA service to detect, based on legitimate interest, if the website is being used by bots, in order to protect the portal and prevent abusive and fraudulent practices, such as sending spam. You can access our supplier's privacy policy by clicking here https://policies.google.com/privacy?hl=en-US

  • Google Analytics

Provided that we have your consent, we will use Google Analytics for statistical purposes in order to understand how you interact with our website or, where appropriate, to know the performance of their advertising campaigns, through the so-called cookies. For these purposes, you should note that, by using the service, Google will collect and store information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity. We inform you that the use of Google may involve International Data Transfers not based on an adequacy decision of the European Commission or on the provision of adequate safeguards, and therefore do not have an adequate level of protection in accordance with the provisions of the GDPR. For appropriate purposes, we inform you that this fact may entail certain risks for the protection of your personal data. Such risks may include the absence of an equivalent supervisory protection authority and/or equivalent data processing protection principles and/or data subject protection rights. We therefore recommend that you first carefully read our provider's privacy policy by clicking here. https://policies.google.com/privacy?hl=en-US

  • YouTube

Our website uses plugins of the YouTube platform with technology provided by Google. YouTube will only associate your browsing behavior with your personal profile if you are logged in to your account. You can prevent this by logging out.

We recommend that you carefully read our provider's privacy policy beforehand by clicking here.

https://policies.google.com/privacy?hl=es]

  1. DATA RETENTION DEADLINES OR CRITERIA

The personal data provided will be kept for as long as necessary to fulfill the purposes for which they were initially collected.

Once the data are no longer necessary for the processing in question, they will be properly blocked to, where appropriate, make them available to the competent Public Administrations and Agencies, Judges and Courts or the Public Prosecutor's Office, during the limitation period for actions that may arise from the relationship with the client and/or the legally prescribed retention periods.

Data blocking period:

THE CIVIL CODE Between 5 or 15 years depending on the case, according to the provisions of article 1964.2 of the aforementioned legal body.

THE COMMERCE CODE . For 6 years, according to the provisions of article 30 of the aforementioned legal body. It applies regarding commercial information related to (invoices issued and received, tickets, corrective invoices, bank documents, etc.).

THE GENERAL TAX LAW . For 4 years attending to the provisions of articles 66 to 70 of the aforementioned legal body. It applies to information related to tax obligations.

LAW 10/2010, OF APRIL 28, FOR THE PREVENTION OF MONEY LAUNDERING AND THE FINANCING OF TERRORISM. For 10 years according to the provisions of 25 of the law.v

  1. AUTOMATED DECISIONS AND PROFILING.

The website does not make automated decisions or create profiles.

  1. RECIPIENTS.

During the duration of the processing of your personal data, the organization may transfer your data to the following recipients:

  • Judges/Court.
  • State Security Forces and Corps.
  • Other competent public authorities or bodies, where the controller has a legal obligation to provide personal data.
  1. INTERNATIONAL DATA TRANSFERS.

The organization does not make any International Data Transfer.

  1. RIGHTS

The interested parties may exercise at any time and totally free of charge the rights of access, rectification and erasure, as well as request that the processing of their personal data be limited or request the portability of them (where technically possible) or withdraw the consent given, and where appropriate, not to be the subject of a decision based solely on automated processing, including profiling.

To do this, you can use the forms enabled by the organization, or send a letter to the email address indicated above. In any case, your application must be accompanied by a photocopy of your ID or equivalent document, in order to prove your identity.

In the event that you feel your rights regarding the protection of your personal data have been violated, especially when you have not obtained satisfaction in the exercise of your rights, you can file a complaint with the competent Data Protection Control Authority.

In compliance with Directive 2000/31/EC, if you do not wish to receive further information about our services, you may unsubscribe by sending an email to the address info@dnagenics.com, with "UNSUBSCRIBE" subject or by clicking on the **unsubscribe* box.

What are your data protection rights?

DNA Genics would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request DNA Genics for copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that DNA Genics correct any information you believe is inaccurate. You also have the right to request DNA Genics to complete the information you believe is incomplete.

The right to erasure – You have the right to request that DNA Genics erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that DNA Genics restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to DNA Genics’s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that DNA Genics transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email:

Write to us: info@dnagenics.com

  1. TRUTHFULNESS OF THE DATA

The data subject guarantees that the data provided are true, accurate, complete and up-to-date; committing to report any changes with respect to the data that it provided, by the channels enabled for this purpose and indicated in point one of this policy. You will be liable for any damages, both direct and indirect, that you may cause as a result of the breach of this obligation.

In the event that the user provides data of third parties, declares that he has the consent of the interested parties and undertakes to transfer the information contained in this clause, exempting the organization from any liability arising from the failure to comply with this obligation.

  1. SOCIAL NETWORKS

In order to let you participate in our activity, and so that you can be aware of our news, we inform you that DNA GENICS SL has created a profile in the Social Networks.

All users have the opportunity to join our social networks or groups. However, you should be aware that, unless we request your data directly (for example, through marketing actions, contests, promotions, or any other valid way), your data will belong to the corresponding Social Network, so we recommend that you carefully read its terms of use and privacy policies, as well as, make sure to configure your preferences regarding the processing of data.

Below, we detail the link to the privacy policy to the various Social Networks in which we have presence, so you can access at all times to privacy policies and configure your profile to ensure your privacy:

Facebook: https://es-es.facebook.com/privacy/policy/?entry_point=facebook_page_footer

Instagram: https://privacycenter.instagram.com/

 

  1. DATA VERACITY

The data subject guarantees that the data provided are true, accurate, complete and up-to-date; committing to report any changes by the channels enabled for this purpose and indicated in this policy. You will be liable for any damages, both direct and indirect, that you may cause as a result of the breach of this obligation.

In the event that third party data is provided, the user must declare that the consent of the interested parties has been obtained, committing to transfer the information contained in this clause. The organization will be exempt from any liability arising from the failure to comply with this obligation.

MODIFICATIONS

This privacy policy may be modified/updated according to the legal requirements established or in order to adapt this policy to the instructions issued by the Data Protection Supervisory Authority (Spanish Data Protection Agency),  or changes to our website. For this reason, we advise users to periodically visit our Privacy Policy.

If you have any questions about this policy, you can contact with DNA GENICS SL through the forms provided by the organization, or send a letter to the postal address or e-mail address referenced in the heading.

Last review February 22nd, 2024