Privacy Policy

1. Introduction

SHEFA – Scientific Health Exchange for Alliances (“SHEFA”, “we”, “our”) is committed to protecting personal data and respecting users’ privacy in accordance with:

Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR);
Organic Law 3/2018 on Personal Data Protection and Digital Rights;
applicable Spanish and European data protection regulations.

This Privacy Policy explains how personal data may be collected, processed, used and protected through this website.

2. Data Controller

SHEFA – Scientific Health Exchange for Alliances
Barcelona, Spain
Email: info@shefa.es

3. Personal Data We May Collect

We may collect and process the following categories of personal data:

identification data (name and surname);
professional information (organization, role, sector);
contact details (email address, phone number);
information voluntarily provided through forms, submissions or communications;
technical and browsing data (IP address, browser type, device information, cookies and analytics data).

We do not intentionally collect special categories of personal data, including health-related information, unless strictly necessary and voluntarily provided within the context of a professional interaction or collaboration.

4. Purpose of Processing

Personal data may be processed for the following purposes:

responding to inquiries and contact requests;
managing professional communications and strategic collaborations;
evaluating partnership, innovation or institutional opportunities;
improving website performance, functionality and user experience;
ensuring website security and technical operation;
complying with applicable legal and regulatory obligations.

5. Legal Basis for Processing

The legal bases for processing personal data may include:

the user’s consent;
the implementation of pre-contractual or contractual measures;
legitimate interest in managing professional relationships and communications;
compliance with legal obligations.

6. Data Retention

Personal data shall be retained only for the duration necessary to fulfil the purposes for which it was collected and, thereafter, during the applicable legal retention periods.

Professional contact information may be retained for the duration necessary to manage ongoing or potential professional relationships unless deletion is requested or legally required.

7. Data Sharing and International Transfers

SHEFA does not sell personal data.

Personal data may be shared, where necessary, with:

technology, hosting and infrastructure providers;
analytics and website service providers;
professional advisors and consultants;
legal, regulatory or public authorities where legally required;
trusted collaborators involved in project execution, subject to confidentiality obligations.

Where international data transfers occur, including collaborations involving international partners and healthcare innovation ecosystems outside the European Economic Area, appropriate safeguards shall be implemented in accordance with GDPR requirements.

8. User Rights

Users may exercise the following rights:

right of access;
right to rectification;
right to erasure;
right to restriction of processing;
right to data portability;
right to object;
right to withdraw consent at any time.

Requests may be submitted to: info@shefa.es

Users also have the right to lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos – AEPD).

9. Security Measures

SHEFA implements appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, disclosure, alteration or destruction.

However, users acknowledge that internet-based communications and digital storage systems cannot be guaranteed to be completely secure.

10. Cookies

This website may use cookies and similar technologies to improve functionality, analytics, security and user experience.

Further information is available in the dedicated Cookie Policy. Where required by applicable regulations, users shall be provided with a consent management mechanism allowing them to manage cookie preferences.

11. Third-Party Services

The website may integrate third-party services or platforms, including analytics providers, hosting services, LinkedIn integrations, embedded content or other digital tools.

Such third parties may process personal data in accordance with their own privacy policies and terms.

12. Minors

This website is not directed at individuals under the age of 18.

SHEFA does not knowingly collect personal data from minors.

13. Changes to this Privacy Policy

SHEFA reserves the right to modify this Privacy Policy at any time in order to reflect legal, operational, regulatory or technological developments.

Updated versions shall be published on this website together with the corresponding revision date.

14. Contact

For any questions regarding this Privacy Policy or the processing of personal data, users may contact: info@shefa.es

Privacy Policy

1. Introduction

2. Data Controller

3. Personal Data We May Collect

4. Purpose of Processing

5. Legal Basis for Processing

6. Data Retention

7. Data Sharing and International Transfers

8. User Rights

9. Security Measures

10. Cookies

11. Third-Party Services

12. Minors

13. Changes to this Privacy Policy

14. Contact

Política de privacidad

1. Introducción

2. Responsable del tratamiento

3. Datos personales que podemos recoger

4. Finalidad del tratamiento

5. Base jurídica del tratamiento

6. Conservación de datos

7. Comunicación de datos y transferencias internacionales

8. Derechos de los usuarios

9. Medidas de seguridad

10. Cookies

11. Servicios de terceros

12. Menores

13. Cambios en esta Política de privacidad

14. Contacto