Privacy Policy

Fly Covid Test is an initiative of Arquimea Médical(part of an international cross-sectoral technology group, that develops solutions and innovative products in highly-demanding activity sectors), and two leading laboratories in biotechnology Instituto de Medicina Genómica, S.L. (IMEGEN) and Laboratorio de Genética Clínica, S.L. (LABGENETICS).

For Fly Covid Test, our customers, partners and collaborators data are one of the basic columns for the correct development of our business processes.

That’s why the proper processing of these data, guaranteeing the rights of interested parties, and complying with the current regulations is one of our main priorities.

We want you to know our purposes when we use, or want to use, your data and what are your rights in relation to the processing that we do.

With this aim, we have developed the following Privacy Policy which regulates the processing to be carried out with any user’s data, when using our web page www.flycovidtestcenter.com(hereinafter, the “Website“), or filling out any of the contact or service forms that it includes.

This privacy policy may be modified to adapt to any future legislative changes; The user data processing will be always regulated by the Privacy Policy published at the time of use of any of our services.

PLEASE TAKE A FEW MINUTES TO READ OUR PRIVACY POLICY, IT WON’T TAKE LONG. WE WANT TO EXPLAIN TO YOU IN A SIMPLE, CLEAR AND TRANSPARENT WAY HOW WE PROCESS AND PROTECT YOUR PERSONAL INFORMATION AND YOUR RIGHTS. YOUR SECURITY AND THE SECURITY OF YOUR PERSONAL DATA IS FUNDAMENTAL FOR US AND WE TAKE ITS ADEQUATE PROTECTION VERY SERIOUSLY.

 

  1. WHO DOES THIS POLICY APPLY TO?

This Privacy Policy is applicable to all users of the Website, whether they are customers or not (hereinafter, indistinctly, the “User” or “Users“) who are considered natural persons. By personal data, we mean any information about an identified or identifiable natural person.

This Website is addressed to Users over 18 years of age, and its use is forbidden to minors under this age. Furthermore, the User responsibly acknowledges that he/she has sufficient legal capacity to be able to subscribe the services offered, if applicable.

 

  1. WHO IS THE DATA CONTROLLER OF YOUR PERSONAL DATA?

The responsible for the processing of your personal data are:

  • For services provided in the airports Josep Tarradellas Barcelona-El Prat, Reus y Girona-Costa Brava
    • ARQUIMEA-IMEGEN 1, UTE, CIF: U67741033
      Registered Office: Calle Margarita Salas, 10, 28919, de Leganés (Madrid). Email: [email protected]
      Constituida por Arquimea Médical S.L.U, Cif: B87739587 e Instituto de Medicina Genómica S.L.U., Cif: B98165723.
  • For services provided in the airports Cesar Manrique-Lanzarote, Fuerteventura, Gran Canaria, La Palma-Mazo, Tenerife Norte-Ciudad de la Laguna y Tenerife Sur
    • ARQUIMEA-IMEGEN 2, UTE, CIF:67741066
      Registered Office: Calle Margarita Salas, 10, 28919, de Leganés (Madrid). Email: [email protected]com
      Constituida por Arquimea Médical S.L.U, Cif: B87739587 e Instituto de Medicina Genómica S.L.U., Cif: B98165723
  • For services provided in the airports Adolfo Suarez Madrid-Barajas, Málaga-Costa del Sol, Sevilla, Bilbao, Santiago-Rosalía de Castro y Jerez
    • ARQUIMEA-LABGENETICS, UTE, CIF: U67788489

Registered Office: Calle Margarita Salas, 10, 28919, de Leganés (Madrid). Email: [email protected]
Constituida por Arquimea Médical S.L.U, Cif: B87739587 y Laboratorio de Genética Clínica, S.L.,Cif: B83959833

Hereinafter we will refer to them as “the Controller”

 

  1. WHO IS THE DATA PROTECTION OFFICER (DPO)?

We have appointed a Data Protection Officer (DPO), whom Users may contact on matters relating to the processing of their personal data and for the exercise of their rights under the General Data Protection Regulation (GDPR), if they so wish. You can contact our DPO through the following contact details:

Postal address: Delegado de Protección de Datos – Arquimea Medical

Calle Margarita Salas, 10, 28919, Leganés (Madrid)

Contact email address: [email protected]

 

  1. WHAT DATA CAN WE PROCESS?

The processing of your data is necessary to give you access to the contents and/or functionalities of the Website or, if you so require, to be able to send you information or provide you the services available through the Website. In this regard, we are firmly committed to processing your personal data lawfully in accordance with the principles and legal obligations provided for by the current personal data protection regulations.

When you browse through our website and when you interact or register with us, you provide us your data directly, for example, when you fill in any form or request made online in accordance with the processing purposes indicated in each case (contact form registration/access form).

Personal data you provide to us is related to such forms or requests made through the Website and may also vary depending on the type of form or request in each case. Notwithstanding the foregoing, different categories of personal data may be collected through the Website and its various forms, although we will always ask you for data that is adequate, relevant and limited to what is necessary for the aforementioned processing purposes (principle of minimisation of personal data):

  • Contact form: identification and contact data (Full name, E-mail, Message -services that interest you, needs or associated doubts, etc-).
  • Fly Covid Test forms: identification and contact data (name, surname, ID card number, address, sex, date of birth, place of residence, telephone number and e-mail address, bank details)
  • Text results: Once the contracted tests have been carried out, we will send the results to you.

Unless indicated, all requested data in the forms are obligatory.

The User is responsible for the veracity and accuracy of the sent data and for any authorization that would be necessary for its communication. In this sense, if you provide us with third party data, you declare that you have their consent and you undertake to provide them the information contained in this Privacy Policy to the data subject exempting the Controller from any liability in this regard.

Similarly, when you browse our Website you should be aware of the cookies that are installed on your terminal or device as this involves the processing of your personal data according to the type of cookies reported and their specific purposes (see cookies policy ). You can configure your preferences on the use of cookies used on our Website through the configuration panel enabled, as indicated in the cookies policy.

 

  1. WHAT DO WE USE YOUR PERSONAL INFORMATION FOR?

The web User’s personal data is processed for the purposes stipulated in this Privacy Policy and, where appropriate, in the data forms provided in this Website. In this sense, the collection of data serves the following purposes:

  • Allow to use our Website efficiently and securely.
  • Answer the received information requests through our Contact forms.
  • Allow and manage your registration as a User, if required, and manage your personal account as registered User. You will be able to deregister whenever you wish by writing to […].
  • Mannage the developement, fulfilment and execution of the contract of sale of the products you have purchased or any other contract between the two, including the sending of communications regarding the purchases made.
  • Send you your test results.
  • To guarantee the safety of the flights you are going to take, communicating the tests results.
  • Communicate positive PCR results to the Health Authorities
  • Send commercial information and/or communications related with our products and services, if you unequivocally consent. In any case, we inform you that you may withdraw or revoke such authorisation at any time by writing to us at [email protected], although this will not affect the previous processing of your data for these purposes.
  • Allow the uses associated with cookies on the Website as described in our cookie policy.

 

When any of our Website forms is used, the provided data will be exclusively used to process your request for the defined purposes. Any change in these purposes will be informed in advance of the form’s submission and, if necessary, you will be asked for the consent.

 

  1. UNDER WHAT LEGAL BASIS DO WE USE IT?
Purposes of processing Legal basis for processing
Allow to use our Website efficiently and securely. Your consent and, where applicable, to meet the lawful interests of ourselves or third parties associated with the proper management, maintenance, development and evolution of the Website, related tools, network and information systems, enabling their correct functioning, features, access to content and services, as well as the overall security of all of the above.

 

Answer the received information requests through our Contact forms. Your consent and, where applicable, execution of pre-contractual measures at the request of the User/data subject.

 

Sending commercial information and/or communications related with our products and services.

 

Your consent.
Allow and manage your registration as a User if required.

 

Execution of the contract concluded by accepting the Terms and Conditions of Service.
Manage the development, fulfillment and execution of the contract of sale of the products you have purchased Execution of a contract at the request of the user (acceptance terms and conditions).

 

Tests Results Your consent accepting the terms and conditions of the service
To guarantee the safety of the flights you are going to take, communicating the positive results to the airline.

 

Compliance with legal obligations.
Communicate positive PCR results to the Health Autorities. Compliance with legal obligations.

 

If you have accepted the cookie policy provided for this purpose, to allow the development of the processing purposes associated with them and to perform the relevant analysis derived from your web browsing for analytical and/or statistical purposes and to allow you to interact with the content on social networks. Your consent.

 

Where the legitimate basis for the processing of your personal data is your consent, we remind you that you have the right to revoke your consent at any time simply and free of charge by writing to [email protected]

 

  1. FOR HOW LONG DO WE KEEP PERSONAL INFORMATION?
Personal data related to the purposes of the informed processing Time limits or criteria for storing your personal data
Allow to use our Website efficiently and securely. ·     In general, your personal data will be kept for this purpose as long as it is indispensable and necessary to enable you to correctly browse and use our Website and the content available on it. (see cookies policy)
Answer the received information requests through our Contact forms. ·     For the time necessary to respond correctly to your specific requests in each case.

·     If they involve at your request executing pre-contractual measures or signing a contract with the Controller, your data will be stored for as long as necessary to meet such pre-contractual measures or contracts between the parties.

Sending commercial information and/or communications related with our products and services.

 

·      Until such time as you request the effective un-subscription.
Allow and manage your registration as a User if required.

 

·      Until such time as you request the effective deregistration.
Manage the development, fulfilment and execution of the contract of sale of the purchased products. ·        For the time necessary to give due satisfaction to the contract signed between the parties.
Tests Results ·        We will keep your tests results while you maintain your registration with a maximum of three years.
If you have accepted the cookie policy provided for this purpose, to allow the development of the processing purposes associated with them and to perform the relevant analysis derived from your web browsing for analytical and/or statistical purposes, to show you advertising related to your preferences and to allow you to interact with the content on social networks. ·     Regarding the data related to your browsing profile, in relation to the analytical type of cookies that you have accepted as stated in our cookie policy, you must refer to the section on their temporality (see cookies policy).

 

In any case, and without prejudice to the foregoing, the User is also informed of the following:

  • In accordance with current legislation on the protection of personal data, regarding the correct processing of personal information by the controllers, they will also be able to store the information for three years in a secure manner from the time it is collected (prescription periods for infringements in this matter).

 

  • In general, when personal data are no longer necessary for the processing purposes for which they were collected, they will be blocked and will be available only to the competent authorities for the potential discharge of legal liabilities during their processing, always in accordance with applicable law and they may not be used for purposes other than these. Once the corresponding legal periods have elapsed in the event of blocking, such personal data shall be deleted in accordance with the applicable regulations and, if applicable, may also be securely anonymised by the controllers (anonymised/non-personal data).

 

 

  1. WHAT HAPPENS IF YOU DO NOT PROVIDE US YOUR DATA?

We try to request or apply the minimum and essential data for the processing that we perform for fully conducting our corporate purposes. All the above is in accordance with the principles contained in the applicable regulations.

However, failure to provide your personal data could lead to 1) you may not browse our Website correctly (non-acceptance of technical or session cookies); 2) you may not access certain content or services; 3) you may not process your specific petition or request (for example, due to the lack or insufficient filling out of the relevant form or application).

 

  1. DO WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES?

Your data won´t be shared to third parties, except in the following cases:

  • When it is necessary for the correct provision of the requested services or the implementation of pre-contractual measures upon your request, we may share your data with other companies Service providers required for the development and delivery of the service. In this regard, The controller has several data processors processing your personal data. Such processors are trustworthy providers that only process your personal data to the extent necessary to render the services entrusted to them.
    • Main service providers necessary for the development of the service are: Laboratories that carry out the tests
      • Instituto de Medicina Genómica S.L.U.
      • Laboratorio de Genética Clínica, S.L.

Logistic suppliers to transport samples to laboratories

  • LabCourier Especialistas En Su Mercancía S.L (Barcelona, Malaga, Sevilla y Jerez)
  • Mox -Mission Box S.L (Madrid)

 

Hosting and IT providers

  • Our website is located in a hosting under the responsibility of Azure Europa, S.L.
  • The administration and operation of the IT platform is contracted to Arquimea Group, S.L.
  • To comply with legal obligations, we shall communicate data to other third parties such as airlines and health authorities or courts.

 

  1. ARE YOUR PERSONAL DATA TRANSFERRED TO THIRD COUNTRIES?

You are hereby informed that, generally, we do not intend to transfer your personal data internationally. The Controller conforms to the measures and guarantees set forth by current regulations on personal data protection.

Likewise, in our cookies policy you will find information on the use of cookies by third parties that may carry out international transfers of personal data. You can consult the privacy information of the third parties that serve cookies on this website through our Cookies Policy.

  1. HOW WE STORE AND PROCESS YOUR INFORMATION

The Services offered by the Controller, include the following processes:

  • Taking personal data through the website flycovidtestcenter.com and making an appointment at the airport chosen by you for the provision of the Service(s) you wish to contract.
  • Ensure that you have read this privacy policy associated with the same website flycovidtestcenter.com, prior to making the appointment and contracting the Service(s);
  • Reading by you prior to the taking of samples of the informed consent and its signing.
  • Management of incidents occurring during the provision of the Services;
  • Taking nasopharyngeal and salivary samples from you for the provision of the Services.
  • Traceability of the samples from the time they are obtained until the results are communicated.
  • Communicating the results of the analyses to you through the website flycovidtestcenter.com; and
  • In the event that you are a passenger on a flight and you are going to undergo the provision of the Services prior to your boarding, the communication of the results of your Test(s) to the airline you are travelling with if it is requested by the airline.

Contracted laboratories on behalf of the Controller will provide the following services:

 

  • Reception and PCR analysis of samples at the laboratories.
  • Diagnostic analysis of the presence of COVID-19 viral RNA (PCR) in saliva or nasopharyngeal samples;
  • Diagnostic test for the presence of COVID-19 viral protein (antigens) in saliva or nasopharyngeal samples;
  • Serological tests indicating the subject’s immune reaction to the COVID-19 virus (antibodies in ELISA or lateral flow cassette version)
  • Obtaining the result confirming or ruling out the presence of viral RNA, antigens or antibodies to the COVID-19 virus.
  • Communicate to the health authority of the competent Autonomous Community the result of the test in compliance with the regulations in force, when appropriate.

 

The personal information you submit through the different forms, and the tests results   may only be consulted by Controller staff and the service providers necessary for the service provision, who will need access to it for the purpose of managing, supporting, providing, or evaluating the services.

The Controller have implemented appropriate technical and organisational measures to safeguard your personal data against accidental loss, alteration, disclosure, use or unauthorised access. Data is transmitted securely using SSL encryption and stored on secure servers. We also employ additional information security measures that include access controls, strict physical security, and secure storage and processing practices.

In accordance with the above, the Controller may communicate your data to one or more third party companies, specialised in the performance of these Services (collection, secure transport of samples, traceability and performance of the analyses for the provision of the Services), with which they will sign a direct contract, for the sole purpose of carrying out the provision of the services, specifying the duration and purpose of the work to be performed and the necessary security measures.

The responsible will always ensure strict compliance by these companies with the conditions of this contract and the legislation in force.

The Controller will also transfer your personal data to comply with the provisions of RDL 21/2020, which establishes the obligation to inform the health authority of the competent Autonomous Community of any positive case of COVID-19 in your case, an in the event that you are a passenger about to travel by air, we will provide the results of the tests aimed at obtaining a diagnosis of the presence of COVID-19 in your body in order to protect the health of other passengers and the public interest.

  1. DATA ANALYSIS BY THE UTE MEMBRERS

The Controller may also use your data to generate information from which to derive trends and information on the effectiveness of the Services provided. This information may refer to the processing of COVID-19 or to the operation of the Services themselves, with the aim of improving them and sending you commercial communications.

The information referred may include any of the personal data listed under the heading “Request for Personal Data: What do we request, and why?” in the consent document, and may also include the combination of such information with information from the Controller.

The information on trends we get may be shared with third parties and incorporated into publications. Under no circumstances would we share with any third party, nor would we include in any publication, data such as your name, surname, ID number, contact information or date of birth.

The fact that you may at any time revoke your consent for the purposes of this section shall not affect the processing of your data that the Controller may have already carried out at any time prior to such revocation. We will also continue to carry out the analyses described in this Privacy Notice.

 

  1. WHAT RIGHTS DO YOU HAVE, WHAT DO THEY MEAN AND HOW CAN YOU EXERCISE THEM?
Your rights What it is? How to exercise them?
Right for information The right to be provided with appropriate information by the Controller, both at the time your personal data has been collected (whether obtained from you or through a third party) and at any time later for the processing of your personal data. You decide about your personal information. Refer to articles 12 to 14 of GDPR. The Controller tries to provide you all the necessary information regarding the processing of your personal data in application of articles 12 to 14 of GDPR. However, if you have any questions or doubts about our privacy and cookies policies, please feel free to send us an email: [email protected]
Right to access The right to obtain from the Controller  confirmation of whether your personal data is being processed, and basic information regarding such processing (article 15 of GDPR), as well as to obtain a copy of the personal data being processed. By sending a written request via e-mail:  [email protected]    with Ref. “Exercise Rights” enclosing, if necessary, a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to rectification Right to have your personal data rectified without undue delay by the Controller under the terms of article 16 of GDPR. By sending a written request via e-mail:  [email protected]  with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to deletion Right to have your personal data deleted without undue delay by the Controller under the terms of article 17 of GDPR. By sending a written request via e-mail:  [email protected]   with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to limitation of processing Right to have your data processing limited by the Controller when:

·  You challenge the accuracy of your personal data, for a period that allows the Controller to check its accuracy.

·  The processing is unlawful, and you oppose its deletion (and instead, request its limitation).

·  The Controller no longer needs personal data, but needs them to formulate, exercise or defend claims.

Its exercise will be limited to the provisions of article 18 of GDPR.

By sending a written request via e-mail:  [email protected]   with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to data portability Right to receive personal data concerning you that you have provided to us in a structured format, commonly used and machine-readable, or to transfer it to another processing controller when technically possible under the terms described in article 20 of GDPR. By sending a written request via e-mail:  [email protected]   with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to oppose Right to oppose at any time the processing of your personal data, including profiling, when this is done to meet the legitimate interest of Athe Controller or a third party as described in article 21 of GDPR. By sending a written request via e-mail:  [email protected]   with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right not to be the subject of a decision based solely on automated processing (including profiling) Right not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for you or significantly affects you in a similar manner under the terms of Article 22 of GDPR. By sending a written request via e-mail:  [email protected]   with Ref. “Exercise Rights” enclosing, if necessary a copy of your national identity document or equivalent identification document (passport, NIE …) to certify your identification.
Right to revoke consent granted You have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of the processing carried out by the Controller based on your consent prior to its withdrawal. This revocation may be made through the forms, contents and private settings provided by the Controller, depending on each case (for example, requesting cancellation of the newsletter service requested through the link provided at the end). However, you can always send this request via e-mail: [email protected]   so that your right can be properly enforced as described in the applicable regulations.
Right to file a complaint with the competent supervisory authority (AEPD) It means the ability to approach the supervision authority if you believe your rights of protection of personal data have been breached (articles 13 and 14 of GDPR). We recommend that before filing any complaint or claim with the Spanish Data Protection Agency (AEPD), contact us in order to analyse the specific situation and try, where appropriate, to find an effective and friendly solution. Apart from the above, if you wish, you can also refer to the AEPD website. www.aepd.es

 

 

INCLUIR ENLACE A LA POLITICA DE COOKIES [MG1]