Privacy Policy - City Clinic Marbella
+34 663 777 777
Dashboard
Book a Visit

Take the next step & schedule a visit today


Dashboard
Book a Visit

Take the next step & schedule a visit today


Book a Visit
Book a Visit

privacy policy

PRIVACY POLICY

In compliance with the provisions of Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD) of December 5, 2018, we inform you as follows:

DATA CONTROLLER

Identity: CITY CLINIC GROUP SA with CIF A93097079, hereinafter referred to as “the Controller”

Address: CITY CLINIC premises, Ctra Ojén, SN, La Cañada Shopping Center Local 131 B, Second Floor, ZIP 29602. Marbella – Málaga

E-mail: [email protected]

PURPOSE OF DATA PROCESSING

We inform you that the data you provide is processed for the following purposes:

  • To attend and respond to contact requests, information requests, and/or inquiries received through the available contact methods on the website.
  • Sending commercial information, offers, and promotions related to our products and services that may be of interest to you.
  • Managing online appointment bookings that the user wishes to make through the corresponding form.
  • Streamlining and fulfilling commitments established between the Controller and the user and maintaining the relationship that may be established.

Additionally, in compliance with the GDPR, a record of data processing activities is maintained, specifying, according to its purposes, the processing activities carried out and other circumstances established in the GDPR. Personal information will not be used for purposes other than those related to the contracted services or purchased products. Automated decisions will not be made based on this profile.

LEGAL BASIS FOR DATA PROCESSING

The legal basis for the processing carried out is based on:

  • The consent provided by the user through the acceptance of this policy and the corresponding checkbox.
  • The user has provided their personal data within a contractual or pre-contractual relationship to attend to their request and/or inquiry, and therefore, the processing is necessary for maintaining this relationship.
  • The legal obligations applicable to the Controller requiring the processing of personal data in accordance with the services provided or those related to tax matters.

PERSONAL DATA PROCESSED AND ORIGIN

The personal data processed is identifying in nature. This data has been provided by the user through the contact form, sending emails, or using the functionalities offered on the website.

The use of the contact sections, completion of forms, and/or functionalities offered on the site is voluntary. However, completing certain fields in the form or providing information through other functionalities is necessary to properly attend to and manage the request, so the user’s refusal to provide the required information will prevent the Controller from addressing and managing it correctly.

The user guarantees that the data provided is truthful, accurate, and complete. Data will be canceled, deleted, or blocked when it is inaccurate, incomplete, or no longer necessary or relevant for its intended purpose in accordance with current legislation. If the personal data provided belongs to a third party, the user guarantees that they have informed them of the Privacy Policy and obtained their consent to provide their data for the purposes outlined above. The user also guarantees that the data provided is accurate and up to date and is responsible for any direct or indirect damage or harm that may result from failing to comply with this obligation. The user commits to and is responsible for the truthfulness and correctness of the data provided and agrees to keep it updated.

PROTECTION OF MINOR’S DATA

According to the GDPR and the LOPDGDD, only individuals over 14 years old can lawfully consent to the processing of their personal data. Only people over the age of 14 may provide personal data on this website. In the case of individuals under 14 years old, parental or guardian consent is mandatory to process their personal data.

LINKS AND SOCIAL NETWORKS POLICY

The website may include links to third-party sites, such as social networks, where the Controller is present. These third-party websites have not been reviewed or controlled by the website or its Controller. The Controller is not responsible for the content published by the user on these websites. The user should be aware that their posts will be visible to other users, and they are the primary party responsible for their privacy.

DATA RETENTION PERIOD

The personal data provided by the user will be retained while they are registered for the service, while the business relationship is maintained, or until the user requests its deletion, or for the period established by law. They may also be retained when necessary to comply with a legal obligation or for the formulation, exercise, and defense of claims.

If the user withdraws their consent or exercises their rights of opposition or deletion, their data will be kept blocked, available to the Judicial Administration during the legal retention periods for addressing possible liabilities arising from the processing of personal data. In no case will this condition the provision of the service and/or the execution of contracts with the Controller. The withdrawal of consent will not condition the provision of the service and/or the execution of contracts with the Controller.

CONFIDENTIALITY AND DATA SECURITY

The Controller commits to adopting the necessary technical and organizational measures according to the level of security appropriate to the risk of the collected data, ensuring the security of personal data and preventing its accidental or unlawful destruction, loss, alteration, or unauthorized communication or access.

Personal data will be treated as confidential by the Controller, who guarantees compliance with confidentiality obligations through legal or contractual means to ensure that such confidentiality is respected by its employees, associates, and any other person with access to the information.

DATA TRANSFERS AND RECIPIENTS OF PERSONAL DATA

Your personal data will only be disclosed in legally stipulated cases for the fulfillment of obligations directly enforceable on the Controller or when necessary to fulfill the purposes of the processing outlined above or to provide strictly necessary services for the development of the activity.

For Contact Form

In accordance with current data protection regulations, we inform you that the data you provide will be processed by the data controller, CITY CLINIC GROUP SA, for the purpose of attending to and responding to contact requests. The legal basis for processing is the consent of the interested party. Your data will not be shared with third parties unless required by law. You can exercise your rights of access, rectification, deletion, opposition, limitation, and portability by sending an email to [email protected].

For Online Appointment Form

In accordance with current data protection regulations, we inform you that the data you provide will be processed by the data controller, CITY CLINIC GROUP SA, for the purpose of managing appointments made online with the center. The legal basis for processing is the consent of the interested party. Your data will not be shared with third parties unless required by law. You can exercise your rights of access, rectification, deletion, opposition, limitation, and portability by sending an email to [email protected].

USER RIGHTS

The user has the right to confirm whether or not we are processing personal data concerning them. The user has the right to access their personal data, as well as to request the correction of inaccurate data or, if applicable, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, the user may request the restriction of the processing of their data, in which case we will only keep it for the exercise or defense of claims. In certain circumstances and for reasons related to their particular situation, the user may object to the processing of their data, in which case the Controller will stop processing the data, except for legitimate compelling reasons or for the exercise or defense of possible claims.

In those cases where legally applicable, the user will have the right to data portability, which means that they have the right to receive personal data related to them that we are processing and store it on their own device.

The user may exercise, where applicable, the rights of access, rectification, opposition, deletion, limitation of processing, portability, and objection to automated individual decisions by sending a written communication along with a copy of their ID to verify their identity, with the reference “GDPR Rights” to the following email address: [email protected]

Furthermore, the user is informed that they may file any type of claim regarding personal data protection with the Spanish Data Protection Agency www.agpd.es, Spain’s Supervisory Authority.

Address

Contacts

Review us on Trustpilot

CITY CLINIC GROUP©2025 All Rights Reserved

Address

Contacts

Review us on Trustpilot

CITY CLINIC GROUP©2025 All Rights Reserved
en_USEnglish
es_ESSpanish en_USEnglish