Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-008 Product requirements
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, Redesign and Development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
    • GP-019 Software validation plan
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Cybersecurity
    • GP-025 Corporate Governance
    • GP-026 Product requirements for US market
    • GP-027 Product requirements for UK market
    • GP-028 Product requirements for the Brazilian market
    • GP-050 Data Protection
      • Templates
        • Standard clauses
          • Annex 2 First layer of information in digital environments
          • Information clause on the processing of personal data in contracts
          • Information clause on the processing of personal data in contracts
          • Employee data modification
          • Employee recruitment
          • Footer for email
          • Email footer for advertising purposes
          • Privacy policy
          • Release of image rights
        • T-050-001 Record of Processing activities (ROPA)
        • T-050-003 Data access key
      • Specific procedures
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
  • Records
  • TF_Legit.Health_Plus
  • Licenses and accreditations
  • External documentation
  • Procedures
  • GP-050 Data Protection
  • Templates
  • Standard clauses
  • Annex 2 First layer of information in digital environments

Annex 2 First layer of information in digital environments

AEPD first layer information​

The Spanish Agency has proposed an information system consisting of a first layer in table mode, in which to complete information about the person in charge, purposes, legitimacy of the treatment, forecast of communications or transfers, way of exercising rights and origin of the data as the proposal below.

Proposed first layer information​

A simpler and less intrusive option than the one proposed by the AEPD would consist of establishing a text as the first layer in accordance with the provisions of art. 11 of the LOPDGDD. Thus, according to this article, through the information provided in this layer, the user of the website must be able to understand, at least initially, the identity of the person in charge (who collects the data), the purpose of the treatment (for what will use) and how to exercise your rights.

“We will process your data to get in touch and respond to your requests for information. You can revoke consent, exercise your rights of access, rectification, deletion, opposition, treatment limitation and portability by writing to legal@legit.health. More information in the Privacy Policy ”.

info

"Privacy Policy" will be a link to Legit.Health's full privacy policy for that matter.

Document signature meaning​

  • Author: JD-003 Taig Mac Carthy
  • Review: JD-005 Alfonso Medela / JD-004 María Diez
  • Approval: JD-001 Andy Aguilar
Previous
Standard clauses
Next
Information clause on the processing of personal data in contracts
  • AEPD first layer information
  • Proposed first layer information
  • Document signature meaning
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)