Logo Dr. Antonio Vilatela · Cirujano de columna en Valencia
Book appointment
Whatsapp Instagram

Privacy Policy

Last update: 6 June 2026.

1. Data Controller

  • Identity: Antonio Vilatela Gómez (“the Controller”).
  • Tax ID (NIF): [to be completed].
  • Postal address: Avinguda del Azahar 15, 46117 Bétera (Valencia), Spain.
  • Contact email: consulta@drvilatela.es
  • Phone: +34 621 352 613
  • Data Protection Officer (DPO): [if applicable].

2. Personal data we process

Through this website (drvilatela.es) we may process the following categories of data:

  • Identification data: name, surname, ID/passport.
  • Contact data: email, phone, country of residence, postal address.
  • Health data (special category — Art. 9 GDPR): medical history, medical reports and diagnostic tests voluntarily submitted, diagnoses, prescribed treatments.
  • Browsing data: IP address, browser type, pages visited, date and time of access, collected via cookies (see Cookie Policy).

3. Purposes of processing

  • To respond to requests for information, quotes or appointments submitted via forms or contact channels.
  • To provide private healthcare services (consultation, diagnosis, treatment, follow-up).
  • To manage the contractual relationship and billing.
  • To comply with legal obligations (healthcare, tax, medical record retention).
  • To send informative communications, only with prior express consent.
  • To analyse website usage through statistical cookies, only with prior consent.

4. Legal basis

  • Performance of a contract (requested medical care): Art. 6.1.b GDPR.
  • Compliance with legal obligations: Art. 6.1.c GDPR.
  • Data subject’s consent for health data processing: Art. 9.2.h GDPR (healthcare) and Art. 9.2.a GDPR (explicit consent for other purposes).
  • Controller’s legitimate interest in service improvement (web analytics), always with prior consent.

5. Retention period

  • Medical record: minimum 5 years from discharge, in accordance with Spanish Law 41/2002. The regional regulations of the Comunidad Valenciana apply.
  • Billing data: 6 years (Spanish Commercial Code) and applicable tax periods.
  • Contact data without engagement: 1 year from last contact if no care relationship materialises.
  • Browsing data: as defined in the Cookie Policy for each cookie type.

6. Recipients of data

Data may be shared with:

  • Hospital La Salud Valencia and other affiliated healthcare centres, only where necessary to provide the service.
  • Insurers or payers, when the patient authorises it or when necessary for billing.
  • Public administrations and health authorities to comply with legal obligations.
  • Technology providers (hosting, email, CRM) under processor agreements as per Art. 28 GDPR.

7. International transfers

International data transfers may occur where technology providers are located outside the European Economic Area. In such cases, the EU Commission’s Standard Contractual Clauses or other GDPR safeguards apply.

8. Your rights

You have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Request erasure when no longer necessary.
  • Object to processing.
  • Request restriction of processing.
  • Request data portability.
  • Withdraw consent at any time.

To exercise these rights: send a written request to consulta@drvilatela.es with a copy of your ID. We will respond within one month.

If you believe your rights have not been properly addressed, you may file a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es.

9. Security

The Controller applies appropriate technical and organisational measures to ensure data security in accordance with Art. 32 GDPR.

10. Changes

This Policy may be updated to reflect regulatory or service changes. The current version is always the one published at this URL.

Logo Dr. Antonio Vilatela · Cirujano de columna en Valencia
Facebook Instagram Linkedin Twitter
© 2026 Dr. Antonio Vilatela. All rights reserved. Committed to excellence in spinal care.