Privacy notice2021-05-19T08:24:13+00:00


Privacy Notice

SpineVision (“We”, “Us” or “Our”), as Data Controller of your personal data, has committed to comply with the General Data Protection Regulation (“GDPR”) and the French Law No. 78-17 of 6 January 1978 relating to data, files and freedoms, as amended by Law No. 2018-493 of 20 June 2018 on the protection of personal data and all applicable laws and regulations regarding data protection.

Your privacy is particularly important to us. Accordingly, we have developed this Notice to understand how we collect, use, communicate, process and disclose and protect your personal data. The following outlines our privacy notice.

Access to ‘s website (“the website”) implies the User’s full and unreserved acceptance of this Privacy Notice (hereinafter the “Notice”). The Notice is valid for all pages hosted on the Website. It is not valid for the pages hosted by third parties to which SpineVision may refer and whose privacy policies may differ. SpineVision cannot therefore be held responsible for any data processed on these websites or by them.

We will process your personal data for the following purposes and period of retention with appropriate legal basis:

Personal data Purpose Legal Basis Period of retention Comments
Email address Handle candidates’ applications for a job at SpineVision Legitimate interest of SpineVision Maximum 2 years after the last contact with the candidate Collected if you contact the company via the email address announced in the page “careers”
Email address Answer to medical professionals interested by our solutions Legitimate interest of SpineVision Maximum 2 years after the last contact with the medical professional Collected if you contact the company via the email address announced in the page “our solutions”
Name, Email, subject, message Answer to a visitor of the website (patient, health professional,..) Legitimate interest of SpineVision Time necessary to meet your request Collected if you complete the form in the page “contact”

We will protect personal data by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Your personal data are kept behind secured networks and are only accessible with limited access rights to such systems and are required to keep your personal data confidential.

Your personal data can be shared with SpineVision’s employees and processors that may be located outside the European Union (EU) and Economic European Area (EEA) where the data protection may be less constraining. In such cases, the Data Controller will ensure that the recipient country is an adequate country (i.e. that the country in question is recognised by the EU as having an equivalent level of protection). If the country is not an adequate country, the Data Controller will ensure to put in place appropriate safeguards when transferring your personal data. A copy of such safeguards can be provided to you by contacting the Data Protection Officer (DPO) of Data Controller (see contact details below).

According to the GDPR, you have the following rights:

  • Right of access: you are entitled to ask us to provide you with all the personal data held about you.
  • Right to rectification: you are entitled to ask us to rectify, in particular by completing or correcting, all or certain personal data held about you.
  • Right to erasure (“right to forgotten”): you are entitled to ask us to remove all personal data held about you from our systems.
  • Right to restriction of processing: you can ask us that some of your personal data is not processed. They are then said to be locked.
  • Right to data portability: you can ask to receive your personal data in a structured, commonly used and machine-readable format and transmit those data to another controller.
  • Right to object: you may object to the processing of personal data concerning you.

The application of these rights is not absolute. The requests of the exercise of rights will be always subject to a case-by-case analysis by the DPO of the Data Controller.

If you want to have more information regarding the processing of your personal data, would like to exercise your rights and have a copy of the appropriate safeguards, your requests can be sent to the DPO of the Data Controller at

You also have the right to lodge a complaint with the Data Protection Authority in the EU Member State where you reside or work, or in the EU Member State where the alleged violation took place. You will find the contact details of the different Data Protection Authorities at the following link:

Go to Top