Política de Privacidad / Privacy Policy
PRIVACY POLICY
CHROMIC – NOVIK NEXUS S.L.
1. DATA CONTROLLER (WEBSITE)
The data controller responsible for the processing of personal data collected through this website is: Novik Nexus S.L. Tax Identification Number (CIF): B-72913379. Registered office: C/ La Cruz 2, Entresuelo, 30820 Alcantarilla (Murcia), Spain. Email: info@chromic.ai
2. SCOPE OF APPLICATION
This Privacy Policy governs: Data collected through the website, data processed within the professional environment of the Chromic application, and the processing of dental images within the system.
3. TYPES OF DATA PROCESSED
A) Professional Data (B2B): Name, professional email address, clinic name, professional position, billing information.
B) Technical Data: IP address, device identifiers, access logs, usage metrics.
C) Dental Images: Chromic may store images of teeth used for color analysis and monitoring purposes. These images: Do not include facial images, do not include the patient’s name, do not include national ID numbers, and do not include direct identifying information. However, such images may qualify as health-related data under Articles 4 and 9 of the GDPR if linked to dental treatment.
4. ROLE OF THE PARTIES IN THE PROCESSING OF IMAGES
Healthcare Professional → Data Controller: The professional or clinic using Chromic determines the purpose of processing, decides which images are captured, is responsible for obtaining patient consent, and is responsible for compliance with healthcare regulations.
Novik Nexus S.L. → Technology Data Processor: Novik Nexus S.L. does not determine the clinical purpose, does not access patient identifying data, does not intervene in the doctor-patient relationship, and acts solely as a technology provider. A Data Processing Agreement pursuant to Article 28 GDPR shall be executed within the App Terms.
5. PURPOSE OF IMAGE PROCESSING
Images are used exclusively for: Digital dental color analysis, monitoring chromatic evolution, and generating visual metrics. They are not used for medical diagnosis, preparation of clinical reports, individualized advertising, or sale to third parties.
6. LEGAL BASIS FOR PROCESSING HEALTH DATA
The processing of dental images is based on: Article 9(2)(h) GDPR (healthcare provision), the responsibility of the healthcare professional, and consent obtained by the professional. Novik Nexus S.L. does not obtain direct consent from patients.
7. SECURITY MEASURES
Appropriate technical and organizational measures are implemented, including: Encryption in transit (TLS/SSL), encryption at rest, access controls, activity logging, environment segmentation, and internal access restrictions.
8. IMAGE RETENTION
Images shall be retained: For the period determined by the professional, until deleted by the professional, and in accordance with the clinic’s internal policies. Novik Nexus S.L. does not retain images for purposes unrelated to the service.
9. AGGREGATED DATA AND ANONYMIZATION
The company may use anonymized statistical data derived from system usage for: Algorithm improvement, research, scientific publications, and legitimate commercial purposes. Such data will not allow patient identification, will not contain identifying metadata, and will not be sold to third parties.
10. INTERNATIONAL TRANSFERS
If service providers located outside the European Economic Area are used: Standard Contractual Clauses shall be applied and appropriate safeguards implemented.
11. DATA SUBJECT RIGHTS
The exercise of rights concerning dental images corresponds to the healthcare professional acting as data controller. Novik Nexus S.L. shall cooperate where appropriate.
12. LIMITATION OF LIABILITY REGARDING DATA PROTECTION
Novik Nexus S.L. shall not be responsible for: Failure by the professional to obtain proper consent, improper use by the clinic, capture of images without authorization, or inclusion of identifying data by the professional.
13. MODIFICATIONS
The company may modify this Privacy Policy to adapt it to legislative or technological changes.
POLÍTICA DE PRIVACIDAD
CHROMIC – NOVIK NEXUS S.L.
Titular: Novik Nexus S.L.
1. RESPONSABLE DEL TRATAMIENTO (WEB)
El responsable del tratamiento es Novik Nexus S.L. (CIF: B-72913379), con domicilio en C/ La Cruz 2, Entresuelo, 30820 Alcantarilla (Murcia), España. Email: info@chromic.ai
2. ÁMBITO DE APLICACIÓN
Esta Política regula los datos recogidos en la web, los datos recogidos en el entorno profesional de la aplicación Chromic, y el tratamiento de imágenes dentales dentro del sistema.
3. TIPOS DE DATOS TRATADOS
A) Datos profesionales: Nombre, email profesional, clínica, cargo, datos de facturación.
B) Datos técnicos: Dirección IP, identificadores de dispositivo, logs de acceso, métricas de uso.
C) Imágenes dentales: Imágenes de dientes para análisis de color. No incluyen rostro, nombre del paciente, DNI ni datos identificativos directos. Pueden constituir datos de salud conforme al RGPD.
4. ROL DE LAS PARTES
Profesional sanitario → Responsable del tratamiento: Decide la finalidad, qué imágenes se capturan, es responsable de obtener consentimiento y del cumplimiento normativo.
Novik Nexus S.L. → Encargado del tratamiento: Proveedor tecnológico que actúa bajo contrato de encargo del tratamiento (Art. 28 RGPD).
5. FINALIDAD DEL TRATAMIENTO
Análisis digital del color dental, seguimiento de evolución y métricas visuales. No se usan para diagnóstico médico, informes clínicos o publicidad individualizada.
6. BASE JURÍDICA
Art. 9.2.h RGPD (asistencia sanitaria), responsabilidad del profesional y consentimiento obtenido por este.
7. MEDIDAS DE SEGURIDAD
Cifrado en tránsito (TLS/SSL) y en reposo, control de accesos, registro de actividad y segmentación de entornos.
8. CONSERVACIÓN
Durante el tiempo que determine el profesional o hasta que los elimine conforme a la política interna de la clínica.
9. DATOS AGREGADOS
Uso de datos anonimizados para mejora de algoritmo, investigación y fines comerciales. No permiten identificación.
11. DERECHOS
El ejercicio de derechos sobre imágenes corresponde al profesional sanitario responsable del tratamiento.
13. MODIFICACIONES
La empresa podrá modificar esta Política para adaptarse a cambios legislativos o tecnológicos.