Privacy Policy

1. Data Controller

The controller for your personal data collected through HanaMind is:

2. Purpose of Processing

At HanaMind, we process the information provided by interested parties for the following purposes:

• SaaS Service Management: Provision of management service for psychologists, including scheduling, medical records, and billing.
• Customer Support: Resolving inquiries made through the website or support channels.
• Commercial Communications: Sending information about news, improvements, and services related to HanaMind (always with your prior consent).
• Legal Compliance: Managing legal, accounting, and fiscal obligations derived from the contractual relationship.

3. Special Protection of Health Data

4. Legal Basis

The legal basis for processing your data may be:

• Contract Execution: For the provision of the HanaMind service.
• Legal Obligation: For compliance with tax and data protection regulations.
• Legitimate Interest: For sending information about similar services if you are already a client.
• Consent: For sending newsletters or using non-essential cookies.

5. Retention Period

Personal data provided will be kept as long as the commercial relationship is maintained or for the years necessary to comply with legal obligations (generally 6 years for commercial records and 5 years for health data in Spain). Once the relationship has ended, data may be blocked until the limitation period for legal liabilities expires.

6. Rights of Data Subjects

Anyone has the right to obtain confirmation as to whether or not we are processing personal data concerning them at HanaMind. You can exercise your rights of:

To exercise these rights, send an email to privacidad@hanamind.es attaching a copy of your ID or equivalent document to verify your identity.

7. International Transfers

HanaMind prioritizes the use of services hosted within the European Economic Area (EEA). In case of using providers outside the EEA, we ensure they operate under standard contractual clauses or privacy frameworks recognized by the European Commission.

8. Supervisory Authority

If you consider there is a problem with how we are handling your data, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

9. Use of Google Data (Google API Services)

HanaMind allows optional integration with Google Calendar to synchronize your professional agenda. Below we detail how we treat this data:

Data we access

• Google Calendar events (title, date, time, description)
• Basic account information for authentication (name and email)

How we use this data

• Synchronization of appointments between HanaMind and your Google Calendar
• Show real-time availability for booking appointments
• Calendar data is used exclusively for scheduling functionality and never for other purposes

Sharing with third parties

Storage and protection

• Synchronized data is stored on servers within the European Economic Area (EEA).
• Security procedures are in place to protect the confidentiality of your data.
• We use encryption to protect your information, including encryption in transit (TLS 1.3) and at rest (AES-256).
• Access is restricted via two-factor authentication

Retention and deletion of Google data

• Google Calendar data is maintained while the integration is active
• You can disconnect Google Calendar at any time from Settings → Integrations
• Upon disconnection, all synchronized Google data is removed from our systems within a maximum period of 30 days
• To request immediate deletion, contact: privacidad@hanamind.es