1. Identifying data


EVERSENS, S.L., owner of the web domain with address for these purposes at CALLE TAJONAR 22, 1º, L4. 31006 PAMPLONA, NAVARRA, C.I.F. number: B71255269, and contact email:


2. Data Protection


EVERSENS, in compliance with Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, and the RGPD, ensures the correct use and treatment of the user's personal data. To do this, together with each personal data collection form, in the services that the user may request from EVERSENS S.L, it will inform the user of the existence and acceptance of the particular conditions for the processing of their data in each case, informing of the responsibility of the created file, the address of the person in charge, the possibility of exercising the rights, the purpose of the treatment and the communication of data to third parties, where appropriate.


3. IP addresses


The website servers will be able to automatically detect the IP address and domain name used by the user.


An IP address is a number automatically assigned to a computer when it connects to the Internet. All this information is registered in a duly registered server activity file that allows the subsequent processing of the data in order to obtain only statistical measurements that allow knowing the number of page impressions, the number of visits made to web services, the order of visits, the access point, etc.


4. Security


The website uses information security techniques generally accepted in the industry, such as firewalls, access control procedures and cryptographic mechanisms, all in order to prevent unauthorized access to data.


To achieve these purposes, the user / client expressly accepts that the provider obtains data for the purposes of the corresponding authentication of access controls.


Any hiring process or that entails the introduction of sensitive personal data (health, ideology, ...) will always be transmitted through a secure communication protocol (Https: //, ...), in such a way that no third party has access to information transmitted electronically.


5. Minors


Minors under 14 years of age should not transfer their personal data to EVERSESN, S.L without the prior consent of their parents or guardians.


With the publication of the RGPD, the age to consent to the transfer of personal data between 16 and 13 years is foreseen, an issue that is currently to be defined.


In the event that EVERSENS detects users on the web that could be under 14 years of age, it reserves the right to request a copy of their ID, or, where appropriate, the authorization of their parents or guardians, causing their cancellation in case of Failure to prove compliance with this requirement or lack of response.


6. Exercise of rights


At any time, the web user may modify the preferences for commercial shipments, as well as exercise their rights provided in the regulations, by means of a written communication addressed to EVERSENS, at the postal address of CALLE TAJONAR 22, 1º, L4. 31006 PAMPLONA, NAVARRA, or via email to . In both cases, the user must accompany a copy of their ID, passport or similar.


  • ACCESS: Obtain confirmation of whether personal data is being processed.
  • DELETE: Obtain the deletion of personal data.
  • RECTIFICATION: Modify inaccurate, erroneous or incomplete data.
  • PORTABILITY: Receive from EVERSENS S.L the personal data of concern and transmit it to another person in charge of the treatment.
  • OPPOSITION: Oppose to that the personal data of concern are being subject to treatment based on the fulfilment of public interest purposes, or of legitimate interest for the person in charge.  
  • LIMITATION OF TREATMENT: Obtain the limitation of the data processing from the data controller.


Also, you can use the models and forms that the AEPD (Spanish Agency of Data Protection) portal makes available to you for the exercise of these rights.


And, if you do not wish to receive communications by email, you can exercise your right of cancellation and opposition by requesting your withdrawal also by ordinary or electronic mail, in addition to through the link that you will have in each email you receive from EVERSENS, S.L.


7. Treatment activities and purpose


EVERSENS, S.L collects the information of each client / supplier / etc. for the provision of our information delivery service.


Categories of data to which you have access:

  • Identifying data (Name, surname, email, telephone and Country patient identification code, date of birth, gender, predefined FeNO measurement mode, height and weight) and data provided in attached files.
  • Health information data: (FeNO measurements, body temperature measurements, weight measurements, daily activity measurements, results of questionnaires and medications with frequency of intake).


 - Purpose of data processing:


Personal data may be processed by the data controllers for the following purposes:

  1. Provision of health care: your personal data are processed to provide you with the health care you need, as well as to properly manage the health and administration services necessary for the same, for example:
    • Remind you of the need of making measurements, questionnaires or medication intakes;
    • Enable access to the application to allow you to view your historical data and perform other functions available in the app.

    • Biometric data will be processed to authenticate the user or patient.

  2. Scientific research: your data may be processed for scientific purposes, in compliance with the specific regulations in this regard.

  3. Anonymization and pseudonymization procedures: certain procedures may be applied on your data so that they are not or no longer identifiable, or so that they can no longer be attributed to a data subject without using additional information listed separately, for scientific or statistical research purposes.

  4. Attendance of requests for information, complaints, suggestions, claims, data protection rights, etc.: in these cases your data will be processed in order to manage and process the request.

  5. Fulfillment of legal obligations: it may be necessary to process personal data to comply with the corresponding legal requirements. In particular, to comply with legislation on data protection, tax, health, etc...

  6. Formalization and execution of the contract: the patient's personal data are processed for the purpose of managing the contractual relationship with the patient.


The data collected will be processed for the specified purposes and in no case in a way that is incompatible with those purposes. We remind you that the processing for scientific research or statistical purposes is not considered incompatible with the initial purpose.


 - Acquired customer rights:


  • Access to your personal data.

  • Request the rectification of inaccurate data.

  • Request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.

  • Oppose the processing of your data for reasons related to your particular situation, requesting that they not be processed by Eversens S.L.

  • In certain circumstances, you may request the limitation of the processing of your data, in which case they will only be kept for the execute or defense of claims.

  • Withdraw, the consent given, without affecting the lawfulness of the processing that has been carried out prior to such withdrawal.


 - Mobile device permissions requested from the user:


The Evernoa app mobile application may request the following sensitive mobile permissions for the purposes detailed below:

  • Nearby devices: This permission is required to be able to connect to devices via Bluetooth Low Energy (BLE).

  • Storage: This permission is required to allow selecting documents or images that the user needs to attach in some forms of the electronic procedures offered and to save in the device documents obtained from various sections.

  • Location: This permission is required to allow scanning or searching for available BLE devices. 


 - Data transfers from the data controller:


EVERSENS SL informs the users of the web that their personal data will not be transferred to third parties or organizations except when the transfer of data is covered by a legal obligation or when the provision of the service implies the need for a contractual relationship with providers of services in charge of the treatment. In the latter case, the transfer of data to the third party will only be carried out when EVERSENS has the express consent of the user and maintains a contractual relationship with the person in charge of the treatment that guarantees its confidentiality and compliance.


EVERSENS expressly prohibits the user of the website from sharing, facilitating or transferring data from third parties, which they may obtain from contact, interaction or browsing or consulting through this website, except if they can prove the express authorization of the user whose data they intend to transfer.


We remind web users that DATA also includes image files of people. The personal image is a data protected by the regulations (Article 5.1 of the Development Regulation of the LOPD). Therefore, no one can use it without the express consent of the person who appears in it.


 - Data retention period:


Personal data will be kept for the time necessary for users to access the application.


- International data transfers:


There are no international data transfers.


8. Applicable legislation


The privacy policy of EVERSENS, S.L is governed by the following rules: