DSD is committed to protect the privacy of users of this website (the “Website”) and will do everything in its power to ensure that users’ Personal Data is treated with respect to their fundamental rights and freedoms as well as personal dignity, with particular reference to confidentiality.
We may require users to provide certain personal information and details in order to provide our services, and we would therefore like to explain the procedures and ways in which we handle data supplied to us.
In general, any information and data which you provide, or which is otherwise gathered by us in the context of the Website, will be used by DSD in compliance with Regulation (EU) 2016/679 (“GDPR”).
This means, in particular that any Personal Data processing carried out by DSD will respect the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity and confidentiality.
The Data Controller regarding all Personal Data processing operations carried out through the Website is DSD, with registered offices at Calle Enrique Granados, 6 (modúlos 4, 5, 6), 28224 Pozuelo de Alarcón, Madrid.
DSD has appointed a local coordinator for privacy/Data Protection Officer (DPO) as contact for any information regarding the processing of Personal Data by DSD, please contact: [email protected]/ [email protected]
Personal Information we may collect.
As you use the Website and, in particular, as you provide information and upload files to the Website in order to access the Website’s services, DSD may collect and process information related to you as an individual and which allows you to be identified, either directly or together with additional information (“Personal Data”).
Such information may include your name, address, telephone number, email address, date of birth or age, gender, credit card and other financial information related to payments for services, dental records, photographs and other information you choose to provide.
We will also collect information about your use of our Website as described in the section "Cookies and Advertisements" below.
How We May Use Your Personal Information.
DSD intends to use your Personal Data, collected through the Website, for the following purposes:
• To set up and manage your member account in our Sites.
• To allow you to use and purchase products and services.
• To provide you with information about our products, services, news and events we believe may be of interest to you.
• To gather demographic information about user trends.
• To analyze use of our services and products, develop new services and products, and customize our products, services and other information we make available.
How We Share Your Personal Information.
In the framework of its activity and for the purposes specified above, your Personal Data may be shared with the following entities (“Recipients”):
- Other companies within the DSD Group* for internal administrative purposes.
- Our partners for purposes of performing services on our behalf, such as business, administrative, accounting, tailored advertising, measuring and improving our services and products, and enabling other enhancements. This may include our partners contacting you via email, mobile phone, text, or other means to which you consent.
- Align Technology, Inc. and its subsidiaries (makers of Invisalign aligners), in connection with offering you co-branded services or features (e.g., conferences, events, live trainings, webinar programs), selling or distributing our products, or engaging in joint marketing activities.
- Selected individuals authorized by DSD to process Personal Data needed to carry out activities strictly related to the provision of the services through the Website, who have undertaken an obligation of confidentiality or are subject to an appropriate legal obligation of confidentiality.
- Public entities, bodies or authorities, in accordance with the applicable law or binding orders of those entities, bodies or authorities.
Your Rights and Choices.
As a data subject, you are entitled to exercise the following rights, at any time:
- Obtain confirmation as to the existence of your Personal Data being processed by DSD, access and obtain copy of such data.
- Update, modify and/or rectify your Personal Data where it may be inaccurate or incomplete.
- Obtain erasure of your Personal Data where you feel that the processing is unnecessary or otherwise unlawful, render Personal Data anonymous, block data whose processing is unlawful or set limits to the processing.
- Object to the processing of your Personal Data, based on relevant grounds related to your particular situation, which you believe must prevent DSD from processing your Personal Data for a given purpose.
- Object to processing of Personal Data that is made for the purposes of sending advertising material, carrying out direct sales, market researches or for commercial communication.
- Withdraw your consent to processing (for Marketing and Profiling), where your consent serves as the legal basis for processing – this will not affect the lawfulness of processing carried out prior to your withdrawal.
- Request the restriction of the processing of your Personal Data, where you feel that the Personal Data processed is inaccurate, or that the processing is unnecessary or unlawful, as well as where you have objected to the processing.
- Portability – you have the right to obtain a copy of the Personal Data you provided to DSD.
Please note that most of the Personal Data you provide to DSD can be changed at any time, by accessing, where applicable, your user profile created on the Website.
You can also withdraw consent for Marketing (for communications received via e-mail) by selecting the appropriate link included at the bottom of every marketing message. Consent for profiling carried out by cookies may be withdrawn at any time.
When you request the deletion of your Personal Data, we not only delete the data from our system, but we also notify all identified third parties that have access to the personal data to completely remove the data from their systems and confirm erasure.
At any time, you shall be entitled to exercise the rights established by the law in force, by addressing the relevant request to our Privacy Department by sending a written notification to the email: [email protected]
Models, application forms and other information regarding rights is available in the website www.aepd.es of the Control Authority, the Spanish Data Protection Agency, hereinafter, AEPD for its abbreviation in Spanish.
How We Protect Your Personal Information.
- DSD has implemented duly documented and regularly updated personal data protection policies.
- DSD´s personal data protection procedures are formally documented, when required, periodically reviewed and substantiated with objective documents (e.g., minutes of meetings, lists, IT logs), which may demonstrate constant diligence and vigilance regarding the protection of personal data in the processing activities carried out.
- DSD has appointed both a security officer and a data protection officer (DPO) responsible for coordinating and monitoring the security rules and procedures as well as data protection compliance.
- DSD’s employees are aware of the procedures for data subjects to exercise their right of access, and for communicating requests to exercise data subjects’ rights to the data controller.
- DSD maintains a general register where these requests, e.g., to exercise the right of access, are recorded.
- DSD has appointed a person/function (the DPO) in charge of providing written explanations to the data controller regarding requests from data subjects.
- DSD has set a deadline for communicating requests to the data controller.
- DSD has a procedure to document, in writing, any refusals given to data subjects’ requests to exercise their rights to erasure, restriction of processing or data portability, and to share this documentation with the data controller.
- DSD Client´s Data will be deleted once they have fulfilled the purpose for which they were collected and the conservation periods have been met due to legal obligation.
- DSD acts as the Processor of patient´s data communicated to us by healthcare professionals. For this reason, all health professionals who register on our platform accept the conditions of data processing, and are responsible for obtaining the informed consent of patients. Likewise, those registered health professionals who are granted the provision or performance of a service will act as sub-charger and are obliged to comply with the minimum measures established in the "data patients" section.
- DSD will use the personal data subject to processing exclusively for the purpose object of their responsibility.
- DSD will process data according to the guidelines drafted by the healthcare professionals.
- DSD may communicate the data to other companys for the performance of its services, acting as sub-processors, including outside the EEA.
*DSD Group is formed by the following companies: DSD Planning Center S.L, DSD Printing Lab S.L, DSD Applications LLC, DSD USA LLC, DSD Planning Center Brasil Ltda, Digital Smile Design Consultoria Odontologica Ltda, Digital Smile Design Hong Kong Limited.