The company “IASSIS MEDICAL ” (hereinafter “the Company”) respects the privacy of individuals and takes very seriously the need to protect their personal data. This informative text provides anyone interested in receiving medical services at any of the Company’s offices and any visitor / user of the Company’s web sites with concise and transparent information on practices for the management and protection of personal data.
What is the purpose of this Policy?
This Policy is intended to inform how the Company’s customer data is collected, stored, used and transmitted, the security measures taken by the Company for the protection of personal data, the reasons for and the time they are provided. stored, but also for the type of personal data collected. It refers to any operation or series of operations performed with or without the use of automated means, personal data or personal data sets, such as the collection, registration, organization, structure, storage, adjustment or modification, recovery, retrieval, use, transmission, dissemination or any other form of distribution, association or combination, restriction, deletion or destruction. The Company unilaterally reserves the right to update, modify, add, modify its services and this Policy, from time to time, at any time it deems necessary, without prior notice, always within the applicable legal framework and subject to any changes in the applicable legislation. protection of personal data. The Company encourages any interested party to review this Policy from time to time to keep abreast of any changes made.
What is personal data?
Personal data is any information that concerns a specific natural person or person whose identity can be verified (eg name, ID number, address, etc.). Health data (physical or mental, medical services, etc.) are included in the general term personal data but are a specific category of data. The Company will not process your personal data without your consent. However, the Company reserves the right, in exceptional cases, to process your personal information to the extent permitted or required by law, and / or by court orders or prosecution orders / orders.
How is personal data collected?
Your personal information is collected in the following ways:
(a) you provide it to us when the Company provides medical services to you or a person accompanying you, when you contact us to obtain you or a third party medical service, when you apply for a job with the Company, when filling out forms or sending e-mails, in order to access or use the services available on the following Company Web sites: www.iassist.gr https://en-gr.facebook.com/iassistnidri/
(b) automatically through the browser or mobile device you use to access the Sites.
(c) provided by a third party partner after you have given your consent (eg insurance company)
When you sign up for a service provided by the websites, you will need to fill in some fields as well as choose a username and password. In cases where your consent is required for the collection of your personal data, such as the receipt of a “newsletter” on a regular basis, this is expressly requested by you and you have the right to withdraw it at any time.
What personal data is collected:
In summary, personal data collected and further processed include: – the name, address and more generally the contact information (including email address and phone number) of you or your relatives, – health data provided by you the Company medical services or health data for medical services not provided by us but reported to us either by you or by third parties – information you give us about our payment, such as bank card information – other information coming from the use of websites and other digital platforms we use to inform you about the following services provided by the Company through its websites and / or your subscription to one or more of These: • Download a newsletter on a regular basis. • Receive email or announcement / news correspondence. • Download periodicals in electronic form on a regular basis. • Manage your medical record if you have received services from the Group. • Health data entry and information retrieval. • Inquire about services related to Medical tourism.
What are the principles governing the processing of personal data by the Company?
The Company processes your personal data in a lawful and lawful manner for the purposes clearly set out in this Policy. Your personal data processed by the Company is limited to what is strictly necessary to achieve these purposes, is accurate and timely, is kept for a period specified by the processing purposes, is protected by adequate security measures and is not transmitted to countries that do not provide sufficient security level of protection.
Who collects personal data and for what purpose? Are they transmitted to third parties?
The personal data is collected and processed by the Company’s authorized employees for the purpose of providing the service solely. They are transmitted only to authorized third parties who are committed to maintaining confidentiality when they are required to access such services (eg physicians for diagnostic purposes). Upon your order, your personal data may be transmitted to third parties (eg another physician of your choice) / affiliated companies (eg insurance companies to which you have contracted). The Company undertakes not to market your personal information by selling / renting it / transferring / disclosing or disclosing it to third parties or otherwise using it for other purposes that may endanger privacy, rights or your freedoms, unless required by law, judgment / order, administrative act or contractual obligation necessary for the proper functioning of the Company’s Websites and for the performance of its functions their price. The personal data may be transmitted to affiliates, or to third parties, in accordance with the terms of this Policy and committed to confidentiality, acting on behalf of the Company for further processing to provide services, evaluate and improve its functionality. website, marketing purposes, data management and technical support only after the user has been informed in advance and his consent has been obtained. These third parties are contractually bound by the Company to use personal data only for the above reasons, and will not transmit personal information to third parties, and will not disclose it to third parties unless required by law.
How long is my personal data kept?
Your personal data is kept for as long as is necessary by the nature of the service provided by the Company that you have selected yourself and in addition, for as long as the relevant law provides.
What are my rights? What can I do if I have an issue with the processing of my personal data?
Is my data safe?
The Company considers the privacy of its customers, employees, employees, or third parties extremely important, and makes every effort to protect them, both in terms of confidentiality / confidentiality and information. their integrity (not to be damaged, not to be accidentally damaged, etc.). In this context, the Company implements an Information Security Management System, which follows the best practices of the international standard ISO 27001. The Company takes all appropriate organizational and technical measures designed to protect information from loss, misuse, non-use. authorized access, disclosure, distortion or destruction and shall ensure the legitimate and lawful collection and processing of personal data as well as their safe keeping in accordance with the relevant provisions; both Greek and Community and international law on the protection of the individual from the processing of personal data, as well as the decisions of the Data Protection Authority, preserving the privacy and confidentiality of any information that comes to its knowledge. In particular, this Policy takes full account of the provisions and articles of Regulation (EU) 2016/679 of the European Parliament on the protection of individuals with regard to the processing of personal data and on the free movement of data (“General Data Protection”) Regulation ”(“ GDPR ”) and shall make every effort to comply with it. Access to the contact information of visitors / users of the Company Websites is restricted to authorized persons who are committed to confidentiality (employees, service providers) and it is reasonable to assume that they need to know this information to provide products or services to their visitors / users. Web pages or for performing their work. The company explicitly prohibits the use of staff and associates, cameras, camcorders as well as the use of photographic and video recording capabilities of mobile phones within the company’s workplaces.
How collection and use of my personal information is done on Web Sites?
The personal data is collected on the Company’s Websites in the following cases: – When you request information about the health services provided by the Company through the Websites. – When you sign up and request to receive e-mail or Company announcement / news correspondence. – When you sign up and use the Company Web site services. – When you sign up and request to receive periodical publications of the Company in electronic form on a regular basis. – When you are willing to participate in health services and health programs of the Company. – Using “Cookies” or similar technologies (see next question below for more details). The personal data collected on a case-by-case basis include: – Receiving a newsletter on a regular basis: an e-mail address. – Management of the medical record of patients who have received health services from the Company: all personal data included in the medical record, including health data, results of medical examinations, doctors’ opinions, financial data, etc. – Health data entry and information retrieval: Medical history information, contact information [e-mail address, postal address, telephone, etc.]. – Monitoring the smooth operation and improving the functionality and performance of web pages: Internet Protocol address (“Internet Protocol address”), “browsing patterns”, information on using a website, browser history (“ browser history ”),“ geolocation ”data, HTTP protocol details, etc. This data shall be aggregated so that users cannot be identified as far as possible. The collection and processing of personal data is solely aimed at: – personalized information and service provision, – the provision of health services according to user preferences and characteristics, – the statistical analysis of the traffic and use of company websites. – the satisfaction of users’ requirements as well as direct communication for the purpose of informing new health services of the company (provided consent has been provided by users). Further transmission to third party partners will be at the request of the visitors / users themselves. User consent is explicitly requested, subject to information about the purposes and legal basis for the use of personal data, and is a prerequisite for any processing or transmission of user personal data.
-What are Cookies & internet tags?