PRIVACY POLICY BMI EQUALAS MÉDICAS – Ecuador

Privacy Policy BMI Equals Medical

  1. SCOPE:
    This Privacy Policy will apply to all Databases and/or Files that contain Personal Data that are processed by BMI IGUALAS MÉDICAS DEL ECUADOR SA (hereinafter BMI), considered to be responsible for the processing of Personal Data.

  2. DEFINITIONS:
    • 2.1. Authorization: It is the prior, express and informed consent of the Owner of the Personal Data to carry out the Processing of Personal Data.
    • 2.2. Privacy Notice: Written communication generated by BMI, addressed to the TDP for the Processing of your Personal Data, through which you are informed about the existence of the Information Privacy Policies that will be applicable to you, the way to access them and the purposes of the Treatment that is intended to be given to the Personal Data.
    • 23. Database: Organized set of Personal Data that is subject to Treatment.
    • 2.4. Clients: Natural or legal person that has a contractual relationship with BMI and/or has submitted a request to BMI to enter into a contract. Customers will also be understood as those natural persons who appear as affiliates or dependents of an individual or corporate contract.
    • 2.5. Personal Data: Any information linked to or that can be associated with one or more determined or determinable natural persons, includes medical information on diagnosis, treatment or health condition, as well as personal information, including patrimonial and financial information.
    • 2.6. Person in charge of the Treatment: Natural or legal person, public or private, that by itself or in association with others, carries out the Treatment of Personal Data on behalf of BMI.
    • 2.7. Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, processes, safeguards or administers the Database and/or the Treatment of the data for the purposes established in the contract.
    • 2.8. Terms and Conditions: general framework in which the conditions for participants in commercial or related activities are established.
    • 2.9. Owner of Personal Data (TDP): Natural person affiliated or dependent on an individual or corporate contract, whose Personal Data is subject to Treatment, including those persons who have submitted a request for comprehensive prepaid health care services and who did not complete their application. hiring.
    • 2.10. Treatment: Any operation or set of operations on Personal Data, such as collection, storage, use or verification.
    • 2.11. Transfer: The transfer of data takes place when the Responsible and/or Person in Charge of Treatment sends, transmits or shares the Personal Data to a third party or a Person in Charge of Treatment is located inside or outside of Ecuador.

       

  3. TREATMENT:
    BMI collects, stores, uses and verifies Personal Data corresponding to Clients and/or TDP, for the development of its commercial activities and due to the nature of the service it provides, as the Responsible for the Treatment of Personal Data.

     

  4. PURPOSE:
    Personal Data is processed by BMI for the following purposes:
    • 4.1. Participation in different types of surveys through registrations or offline/online forms.
    • 4.2. Filling out subscription requests, online services or to facilitate the request for specific information that is required of us.
    • 4.3. Inform you of important news concerning BMI.
    • 4.4. Tell you about our new products or services, updates, technical support issues, events and special offers.
    • 4.5. Promote products and services on our website.
    • 4.6. Prevent and detect fraud or other illegal or prohibited activities.
    • 4.7. Ensure the security and integrity of our Website.
    • 4.8. As part of an ongoing sales process.
    • 4.9. To be part of automated means such as communication protocols.
    • 4.10. To perform analyzes and evaluations about our business; as well as to analyze strategies for customer consolidation.
    • 4.11. For the management and analysis of claim reimbursement.
    • 4.12. To grant the Ambulatory and/or Hospital Credit benefit.
    • 4.13. For the provision of services by BMI.

       

  5. RIGHTS OF PERSONAL DATA HOLDERS:
    The Clients and/or TDP whose Personal Data are subject to Processing by BMI, have the following rights, which they may exercise at any time:
    • 5.1. Access and know your Personal Data on which BMI is processing for free.
    • 5.2. Be informed by BMI, upon request, regarding the use that it has given to your Personal Data.
    • 5.3. Request BMI to delete your Personal Data, except for your medical information, since it is related to your Medical Record. However, the request for deletion of the information and the revocation of the authorization will not proceed when the TDP of the information has a legal or contractual duty to remain in the Database and/or Files by virtue of which their data were collected. .
    • 5.4. Request the updating or rectification of your Personal Data, except those data related to health data. BMI may request additional information from the TDP that supports the need to update or rectify.

       

  6. AUTHORIZATION:
    BMI derived from the contractual relationship that it has with each Client or through the acceptance of the conditions established in the Requests for Comprehensive Prepaid Health Care Services is authorized to Process your Personal Data.
    Authorization is given through various instruments, such as:

     

    • 6.1. The Application for Comprehensive Prepaid Health Care Services.
    • 6.2. The Comprehensive Prepaid Health Care Services Contract.
    • 6.3. Through unequivocal behaviors that allow concluding that you granted your authorization, for example, through your express acceptance of the Terms and Conditions of an activity and/or use of a Website and/or electronic application within which the Privacy Notice is communicated. and the authorization of the participants is required for the Treatment of their Personal Data, whether given directly through the Client/TDP or a third party that represents it, such as an insurance producer advisor or related to the latter.

       

  7. SPECIAL PROVISIONS FOR THE PROCESSING OF HEALTH DATA:
    • Health data is considered to be that which contains information on diagnoses, treatments, medical situation, personal and family medical history, and any information that serves to identify the previous or current health condition of the TDP or the Client. Health data may include data related to racial or ethnic origin and sexual life, which, in general, are not normally requested but may be required because they are health-related services.
    • In this case, since BMI handles medical information, the Client/TDP acknowledges that the Personal Data will be used and analyzed in the development of the contractual relationship between the parties.

       

  8. SPECIAL PROVISIONS FOR THE PROCESSING OF PERSONAL DATA OF CHILDREN AND ADOLESCENTS:
    The Client/TDP acknowledges that BMI will process the Personal Data of children and adolescents that are related to their health condition due to the type of service it provides, this does not affect the right to privacy, since BMI uses the Personal Data in a consistent manner with the service it provides or the evaluation of an application. The Client acknowledges having parental authority or being the legal representative of the TDP or being authorized by the legal representative and therefore is empowered to share and authorize the processing of the personal data of the TDP in accordance with the provisions of this Privacy Policy. Privacy.

     

  9. PROCEDURE FOR ATTENTION AND RESPONSE TO REQUESTS AND INQUIRIES:
    • The Holders of the Personal Data that are being collected, stored, used by BMI, may at any time exercise their rights to access, update and rectify their information or that of their representatives. Derived from compliance with the law, the clinical history is unique and cannot be altered or modified, therefore it is prohibited to modify in any way the Personal Data related to medical information because they are related to the TDP's clinical history.
    • In the case of updating or rectifying Personal Data, BMI reserves the right to request additional documents that corroborate or confirm the inaccuracy of the data that must be updated or corrected.
    • To exercise the rights established in this clause, the TDP must send a communication to the email postventa@bmi.com.ec, developing your request. In the electronic communication, the TDP must identify himself with his name, surname, identification document, contract number and electronic address to which he can receive the response. BMI will respond to the query within the next 2 business days from receipt of the email. In case of entering a written request, it will be received from Monday to Friday from 8:30 a.m. to 5:30 p.m. at the following addresses:

      · De Los Shyris and Sweden Avenue, Renazzo Plaza building, 12th floor,
      · Av. Jaime Roldós Aguilera, Parq. Business Colon Corporate Building 2, Floor 1
      · Cuenca Azogues Highway Cardeca Business Center Building
      · If you have questions or queries regarding the treatment, conservation and handling of your personal data, contact the address: postventa@bmi.com.ec.
      · In the event that BMI changes its address, this fact will be informed.

       

  10. ANONYMIZATION:
    BMI declares that for greater security it may adopt measures to anonymize the personal data of the TDP. Through the anonymization process, the data cannot be linked to a natural person or TDP, the anonymized data is not Personal Data. All anonymized personal data will belong to BMI and may use, market or transfer it as it deems necessary, it will not require any authorization or permission from the TDP.

     

  11. SECURITY OF PERSONAL DATA:
    BMI, in strict application of the principle of security in the Processing of Personal Data, will implement the necessary technical and organizational measures to guarantee the confidentiality, integrity and security of health data and records, avoiding their adulteration, loss, consultation, use or unauthorized access. or fraudulent. The obligation and responsibility of BMI is limited to implementing the appropriate security measures according to the state of the art available according to technical and economic limitations. BMI will adopt all appropriate security measures, the Client/TDP accepts and acknowledges that these security measures are not infallible and that technical failures or unauthorized entries may occur. BMI will not be responsible for unauthorized access or alterations to the information as a result of technical failures or unauthorized entry by third parties that have violated the security systems adopted by BMI. BMI will require from service providers adequate measures for the protection of Personal Data in relation to which said providers act as Processors.

     

  12. TRANSFER, TRANSMISSION AND DISCLOSURE OF PERSONAL DATA:
    • The TDP accepts and acknowledges that BMI may transfer your personal data to related third parties or suppliers, located within the national territory or in other countries, to process your personal data. The TDP authorizes BMI to transfer data related to the nature of the service associated with medical benefits, financial services, additional benefits, audit processes.
    • The clinical history and information on the health situation is relevant for the diagnosis and treatment of diseases, for which it may be transferred to the different health service providers or BMI advisors, who for the purposes of this Policy, will act as Persons in Charge of the Treatment.
    • The TDP accepts and acknowledges that BMI may transfer your personal data to the corresponding administrative and judicial authorities for the solution of administrative procedures, contractual disputes or disputes related to the provision of health, or due to motivated requests made by state entities. BMI will not be responsible for the security and confidentiality of the data and information delivered to government entities.
    • The TDP acknowledges that BMI uses computer systems that are in the cloud or "cloud computing", the TDP acknowledges that the servers that provide these services are located in other countries. The TDP accepts that your personal data is hosted on servers located in other countries, for which it expressly accepts the international transfer of data, especially all sensitive data described in this Policy.

       

  13. VALIDITY:
    This Privacy Policy will be in force from September 15, 2020. BMI reserves the right to update the Privacy Policy when deemed necessary. BMI will notify the TDP in the event that future updates modify essential terms or rights of the TDP.