Privacy Statement

At Prevscan, we handle your personal and medical data with the utmost care and in accordance with applicable law, including the EU General Data Protection Regulation (GDPR). We ask for your consent where required and keep you informed about how your data is used.

Data Controller

The data controller responsible for your personal data is:
Prevscan SL (CIF: B75931840)
Calle Tadorna 50, 03730 Jávea, Spain
contact@prevscan.es · +34 675 64 95 20

Categories of Personal Data

Depending on the services you use, we may collect:

• Personal identification details (name, address, date of birth)
• Contact details (email address, phone number)
• Medical history and health information
• Pre-scan biometric measurements
• Laboratory and radiology results
• Payment details

Health data is classified as special category data under GDPR Article 9. We process this data only with your explicit consent and solely for the purpose of providing our preventive health screening services.

Legal Basis for Processing

• Contract performance — to deliver the services you have booked
• Legal obligation — to comply with applicable medical and financial record-keeping requirements
• Explicit consent — for the processing of health data (Article 9 GDPR) and for optional communications such as newsletters
• Legitimate interest — to improve our services and communicate relevant changes

Purposes of Data Processing

Your personal data is used for:

• Maintaining your medical records
• Scheduling and managing appointments
• Providing and improving our services
• Sending health-related newsletters and updates (with your consent, and only where you have opted in)
• Invoicing and payment processing
• Compliance with legal obligations

Analytics & Cookies

This website uses Umami, a privacy-first, cookieless analytics tool. It collects no personal data, sets no cookies, and stores no identifying information. We use it only to understand overall traffic patterns (e.g. page visits, referral sources). No consent banner is required because no personal data is collected.

We do not use Google Analytics, Facebook Pixel, or any advertising or tracking scripts.

The only cookies this site may set are strictly necessary functional cookies (e.g. session state). These are exempt from consent requirements under GDPR.

Disclosure to Third Parties

Your data is only shared with third parties where there is a legal basis or with your explicit consent. This includes:

• Partner medical facilities (HCB Denia) — for the performance of your scan
• Payment processors — solely to process your payment securely

We do not sell, rent, or share your data for marketing purposes.

Retention Periods

We retain your data only for as long as necessary:

• Medical records: minimum 5 years, in accordance with Spanish healthcare legislation
• Financial records: 5 years
• Newsletter / marketing consent: until you withdraw your consent

Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. Access to medical records is restricted to authorised clinical staff only.

Your Rights

Under GDPR, you have the right to:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your data (subject to legal retention obligations)
• Restriction — request that we limit how we process your data
• Portability — receive your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interest
• Withdrawal of consent — withdraw consent at any time, without affecting prior processing

To exercise any of these rights, contact us at contact@prevscan.es.

Supervisory Authority

If you believe your data has been processed unlawfully, you have the right to lodge a complaint with the Spanish Data Protection Authority:

Agencia Española de Protección de Datos (AEPD)
www.aepd.es

Changes to This Statement

We reserve the right to update this privacy statement. The date at the top of this page reflects the most recent revision. We recommend checking back periodically.