Terms & Conditions
PRIVATE POLICY
PERSONAL DATA PROTECTION POLICY
This website is operated by the company under the name “Daskalakis-Xyda Idiotiko Iatreio Iatriki IKE”, hereinafter referred to as ” the medical company”, based in Chania, Tel: +302821008251, E: info@dm-surgery.com.
Your agreement to the following terms of the Civil Protection Code is considered a free statement of your consent to the collection, use and further transmission of your personal data for purposes related to the use of our website, as defined below.
Consequently, we encourage you to carefully read the following Privacy Policy, as it informs you of your rights and the manner and extent of the processing of personal data by our website, which is fully compliant with the General Data Protection Regulation (GDPR 2016/679 - General Data Protection Regulation).
These terms are formulated, taking into account the rapid development of technology, and in particular, the internet and any existing changes to legal matters regarding the above issues.
If you are not in agreement, you should leave the website without using its services and content.
Purpose of this policy
Protecting your personal data is important for the medical company. This Policy informs you of the Medical Data Collection Practices through its website, including the categories of data that it may collect, maintain and process, their purpose of collection, the categories of persons to whom your data is disclosed, as well as your legal rights. The medical company makes every effort to protect your personal data, provided that the personal information you provide us with is accurate and true. It also describes some of the security measures that the company is taking in order to protect the confidentiality of data and provides some guarantees for matters the company is unable to undertake.
The commitment of the medical company
The medical company considers that the protection of our clients’ privacy and data is of the utmost importance and is committed to providing the latest personalised services that meet requirements in a way that ensures privacy. Personal information (personal data) is used exclusively by the medical company and its employees or associates in order to respond to your requests and to better serve you in accordance with this Policy. People who manage personal information are trained in the use of appropriate procedures. Representatives and providers of services to the medical company keep your personal information strictly confidential and do not use it for any purpose other than to provide specific services for us.
In addition, in some cases you may be asked by the medical company if information can be shared with other trusted third parties. We will inform you of the information collection, at the time, if such sharing of information with certain third parties is needed. The medical company will specify the types of businesses with which the relevant information may be shared. It will describe the type of information to be transmitted (such as your address or e-mail) and will forward the data to other parties if you consent.
Legal and regulatory framework
The medical company collects and processes personal data for the performance of its duties, the processing of electronic services and the fulfillment of its legal obligations. For the purposes of this policy, the medical company is the “controller”, defined in Article 4 no. 7 General Data Protection Regulation. The personal data management and protection of the visitor/user of this website https://www.dm-surgery.com owned by the medical company is subject to these terms, and the relevant provisions of EU Regulation 2016/679 on Data Protection personal (GDPR) AND n. 4624/2019. These current terms are formulated taking into account, not only the rapid developments of technology, specifically the internet, but also existing legal regulations relevant to these matters. The website https:///www.dm-surgery.com will not perform any illegal actions and will follow the principles of data protection provided by the relevant laws and international conventions. The website httsps://www.dm-surgery.com will, under no circumstances, disclose, publish, or exchange your personal data or any information that you have shared with us. Moreover, no personal information or user details, including email addresses will be transmitted to any other organisation or partner who is not associated with the medical company.
What is GDPR? - Current Legislation
The GDPR (General Data Protection Regulation General Data Protection Regulation –General Regulation on Data Protection “, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, ‘the Regulation’) relates to the establishment of a single legislative frame workforce for the processing of personal data in the European Union Member States and replaces previous legislation (Directive 95/46/£C). The protection of individuals with regards to the processing of personal data is a fundamental right. Article 8, paragraph1, of the Charter of Fundamental Rights (“the Charter”) and Article 16, paragraph 1 of the Treaty of the European Union TFEU) states that everyone has the right to protection of personal data concerning him or her. The regulation shall be binding in its entirety and directly applicable in all Member States (i.e., no special adaptation of national legislation is required, Article 83 of the Rules).
What is personal data?
The term “personal data” refers to personal information such as name, postal address, email address, contact number, etc. which determine or may determine your identity, henceforth “Personal Data or Data.”
What is the processing of personal Data?
“Processing” of personal data means any operation or set of operations, using automatic means or not, performed on personal data or personal data sets, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
What is a data controller?
The data controller is a natural or legal person, agency or public authority or any other body who alone or jointly with others, determines the purposes and means of personal data processing.
What is a processor?
The processor is a natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the controller.
Is it obligatory to provide us with your personal data?
The provision of personal data to the medical company through this site is optional or may be necessary to achieve the purposes identified in this policy. By withholding the obligatory information, on the website (https:// www.dm-surgery.com), it will be impossible to achieve the purpose of the collection of the data, and it may, for example, become impossible for the medical company to provide the services available on the Website (https://www.dm-surgery.com).
What kind of data is collected by the medical company through this site?
All information is included within the concept of The General Data Protection Regulation. The collection is not required by law or by the conclusion or execution of a contract, it is collected by the medical company through this site, only after having been given your explicit consent.
We collect the following personal information:
Identification Data: Name, phone number.
Data Communication: Email address, telephone number.
Contractual data: Contractual documentation, information and consent forms, electronic statements of consent.
Transaction Behaviour Data: Information concerning interests, preferences, and participation in surveys.
Health data: Medical health data.
Visiting the website of the medical company (https://www.dm-surgery.com) does not necessarily require the provision by you of any kind of personal data. In many cases, however, the provision of some of your personal data is necessary, including sensitive personal data which is indicated in the relevant data entry sections on the website of the medical company
The medical company may collect and store the following personal information about you from the following limited resources:
Communication data when you contact us to ask questions or to inquire about the services provided by the medical company.
- - identification data, communication, trade, contractual relationship, and transactional behavior data when making an electronic submission to the medical company.
The data collected through this website, (https:// www.dm-surgery.com), can also be combined with data provided at other times, for example, when calling by phone to the medical company. The personal data given to the medical company, in these cases, may be consolidated with existing databases and stored, in order to simplify the management of your data.
Collection and purposes of use of personal data
The use of personal data, collected by the medical company from you, serves the following purposes:
Advertising/Marketing: The medical company may use the personal contact data of the visitors/users for informational purposes and promotions regarding the provision of discounts on services provided by the medical company, only upon receiving the users’ explicit consent.
Website improvement and customization: This information will only be used by the medical company for the purposes for which it was collected and to provide you with information. It will also be used to adapt the content of the website to your needs and to improve its composition, dynamics and to make modifications.
Provision of electronic services, through a user identification process: This information is to be used by the medical company for the purpose of processing your electronic application and more specifically: For registration or identification in its applications.
Legal use: The medical company may collect, store, disclose and process the personal data of visitors/users, as required by the personal Data Protection Regulation and /or the Law, or when necessary, to protect the interests of both parties, because of their transactional and contractual relationship or doctor-patient relationship.
IMPORTANT NOTE: With regard to the collection of personal data, which does not take place electronically, by the website owned by the medical company regarding the processing of personal data of employees, prospective employees, associates, contractors, suppliers, individuals, customers and all natural persons, separate written and detailed information of the data is based on the relevant obligation set by the requirements of articles 13 and 14 of the GDPR.
Data Retention and Storage
The medical company stores personal data only for the time for which it is required to perform a service requested by you or for which you have given your approval, subject to the contrary provisions of the Law, as is the case with regard to issues governed by medical, commercial and/or tax legislation plus various relevant regulations, etc., In each and every case, the personal data provided to us and reflected in written agreements, contracts and associated with a contract or included in a transactional e-mail, are stored in physical and electronic files in the accountable department of the medical company or with any other third party who directly or indirectly provides services or assists the aforementioned department in carrying out their duties or by providing management services to us. As specified by the Code of Medical Ethics (N.3418/2005, Government Gazette A287/28.11.2005), “Article 14§4: The obligation to maintain medical records applies, as such: a) private clinics and other primary health care units of the private sector for 10 years from the last visit of the patient and b) in all other cases, for twenty years from the last visit of the patient.”
Data Deletion
Your data is deleted accordingly and always under the provisions laid down by the relevant legislation.
Transmission of personal data
The medical company does not transmit personal data to third parties unless this is required for legal purposes, to respond to your requests and/or if required or permitted by law. In all cases, access to personal data is allowed only to authorized persons who require access to complete a task with regard to the purpose of the data collection, use and processing, as disclosed in this statement. In some cases, the medical company may transfer your personal data to relevant public authorities or to natural or legal persons entrusted with the execution of a part of the processing, provided you are notified in advance and that we have received your prior consent, if required, for the specific action. People who have access to data, are obliged to respect confidentiality.
Log files
We use IP addresses (Internet Protocol) to analyze trends in Internet usage, to manage both our computer resources and our network and to monitor any unauthorized illegal or malicious activities (attacks) and to gather general demographic information (country of origin) for aggregate use.
IP addresses
An IP address, through which the computer of the visitor/user/member has access to the internet and then to a site or application, is stored and may be used by the website, if necessary, in the case of a violation of the Terms of Use of the Site/Application by the visitor/user/member. IP addresses are not considered personal data.
Data security
The internet, like any medium used for transmitting information cannot be considered 100% safe. Internet security is a sensitive issue and is based principally on credible organizations and businesses that respect the confidentiality and security of their users. The medical company tries to maintain strict security measures and controls to protect your personal information in order to ensure compliance with all applicable legal requirements. The medical company implements strict safety measures, at a technical and organizational level, with regard to the safety of your personal data, against any possible accidental or deliberate attack, manipulation, loss, destruction, or otherwise access by an unauthorized person. Our security measures are subject to continuous updates and modifications, according to the latest technological developments. The medical company uses the latest encryption and information protection tools (encryption 128-bit, secure pages, network firewall protection-system, etc.) Access to personal data is restricted to authorized employees who provide products and services for us and who come into contact with this data. Physical, electronic and procedural safeguards are enabled, which conform to regulations regarding the protection of your personal data. The medical company takes every possible precaution to ensure that your personal data is safe. However, due to the nature of the internet, the website cannot guarantee the protection of communication or data stored in browsers with regard to any unauthorized access by third parties.
Internet access
If you have contacted the medical company using the internet, we may use your e-mail address or telephone number to contact you, provided these contact details were given to us by you. Please be aware that communications over the internet, including emails etc. are not secure unless encrypted. The medical company is not responsible for any unauthorized access or loss of personal information that is beyond its control. Namely, due to the nature of the internet and the technological infrastructure used for all communication with the computer hosting this website, we cannot exclude the possibility of information being accessed or breached by third parties. In such a case, the medical company and any legitimate affiliates cannot be held liable. Instead, action should be taken against those with malicious intent who have illegally obtained your information.
Privacy Policy - Children
This website is designed and intended for use by adults. If you are a minor who requires parental consent in your country (in Greece, this applies to persons under 15 years of age– N. 4624/2019), you should check the terms of this declaration, together with your parent or guardian to make sure that you understand and accept these conditions. If information has been obtained from a minor without the consent of a parent or guardian, who should have given consent, we will delete the information at once.
Communication through the website platform
In the event that a user communicates with us using the contact form, or by other means, the provision of personal data by the user is done voluntarily and exclusively at the free will of the user. We will process such personal data provided, only to the extent necessary for that purpose.
Social networks
Our website offers the user the opportunity to share on social networks and use other related tools that allow you to share your actions within the website with other applications, websites or media, and vice versa. Using such features, allows you to share information with your friends or the general public, depending on the settings you have set in your personal profile. Please refer to the Privacy Policies of these social networking services for more information about how they handle your data.
Surveillance of communications
Any communication you have with the medical company (including telephone conversations, emails, etc.,) are not monitored and are not recorded.
Links
Our website may contain links to other websites. This privacy statement applies only to the user access to this particular website and any other websites operated exclusively by the medical company. In no way is the administrator of this portal responsible for the terms of protection of personal data of any other websites, which are solely the responsibility of third parties (natural or legal).
Revision of the Declaration
The medical company reserves the right to periodically modify or revise this statement at its sole discretion. If changes are made, the medical company will record the amendment or revision date in this statement and the updated statement will apply to you from that date onwards. We encourage you to study this declaration on a regular basis in order to check if there are any changes in the way we treat your personal data.
Applicable law and jurisdiction
For any dispute arising between the user and the medical company, the applicable law is Greek and competent resolution courts of disputes are under the jurisdiction of the Courts of Chania.
What are your rights?
According to the Data Protection and Privacy Regulations (EU General Data Protection Regulation (GDPR) 2016/679), as applicable, you have the following rights:
- The right to access,
- The right to rectification,
- The right to delete personal data, under certain circumstances, such as when treatment is no longer necessary for the purpose for which it was originally collected or there is no imperative reason to continue processing or storing the data,
- D) The right to restrict processing of personal data,
- The right to transfer data,
- The right not to be subject to automated decision-making, including different types of profiling,
- The right to lodge a complaint with a supervisory authority.
That is, you are entitled to receive, on request, free information about the stored personal data relating to you, to view the request, object to the processing of data about you, revocation of consent to the processing of data and, in accordance with the applicable provisions, the right to rectification of data, the limiting of processing and transmission of data, deletion of such data and the right to complain to a supervisory authority. In such a case, please write directly to the medical company or via email to info:dm-surgery.com.
Right to lodge a complaint
If you believe that the processing of data about you violates Regulation (EU) 2016/679, you have the right to complain to a supervisory authority. The competent supervisory authority for Greece is the Data Protection Authority Kifisias 1-3, 115 23, Athens, https://www.dpa.gr/, tel. 2106475600.
Contact
If you have questions or recommendations regarding this policy, you can direct them to info@dm-surgery.com. Ongoing developments of the internet in general makes it necessary for us to make the occasional adjustments to our rules protecting network data. The medical company reserves the right to make any appropriate changes to these rules at any time.
Copyright policy
Apart from specifically defined exceptions, the entire content included on the website dm-surgery.com, which may be subject to copyright, is the intellectual property of the medical company and is protected by the relevant provisions of Greek, EU and international law for the protection of intellectual property.
The composition of the content and set-up of the components that are included in the website belong exclusively to the medical company and is protected by the relevant provisions of Greek, EU and international law. The medical company hereby expressly reserves all intellectual property rights to any and all components of the content of dm-surgery.com. Each user of dm-surgery.com acknowledges and accepts that the content of the website dm-surgery.com is designated only for personal use and not for any type of commercial use. This content may not be used for commercial purposes or copied, altered, duplicated, retransmitted, broadcast or distributed in whole or in part in any manner by any user. Each user is entitled to download and/or copy and /or store specific parts of material from dm-surgery.com exclusively for personal use and not for commercial purposes, without deleting the origin indications and provided that it protects any and all proprietary rights of the medical company from any form of attack. For any other purpose the above actions will be allowed only if they are done with the written consent of the medical company. Accessing the dm-surgery.com website or performing any of the above actions will under no circumstances result in the creation of the right, title or legal interest to any part of the content that has been downloaded and/or copied and/or stored, including any or all sections of dm-surgery.com website.
Subject to the above, the user undertakes not to create any derivative or content-based work from dm-surgery.com website, not to copy, reproduce, republish, upload, modify, transmit or sell or exploit in any way, in whole or in part, not to index the website material or related software, not to frame it with another website, not to enter it as a link for direct access from another site to its internal information, not to copy the site on another server by creating an image and not to promise any rights to a third party on behalf of dm-surgery.com, without the express written consent of the medical company. It is also not allowed to create and/or publish a database containing significant parts of the dm-surgery.com website without the prior explicit consent of the medical company.
Users using dm-surgery.com unreservedly accept and agree that they will use the website dm-surgery.com in a lawful and appropriate way, notably in accordance with the terms set out above. Therefore, users unreservedly agree that they will not use dm-surgery.com to transmit or access content that infringes any copyrights of third parties or the medical company. Where dm-surgery.com links through “links” or hyperlinks to other websites, the owners and /or administrators of these pages bear full (civil and criminal) responsibility for the security, legality and validity of the content of their webpages, excluding any liability of the medical company, such as indicative of liability for copyright infringement. The visit and access to these pages is the sole responsibility of the user.
A basic principle of the medical company policy is to respect and protect the intellectual property rights of others. If, however, the user considers that the dm-surgery.com website has infringed their copyright, they may inform the medical company by identifying the content of the website which they consider has infringed on their rights, as well as the reasons they consider substantiate the violation.
Cookies policy
“Cookies” are data files that a website sends to your computer when you browse the website. These data files contain data that enables our site to remember important information so that you will find it more efficient and useful when using the site. Our website uses cookies for various purposes. We use the technology of cookies and IP addresses to obtain non-personal information about the visitors to the website and to provide our registered visitors with the best possible personalized electronic experience.
How do we use cookies? Visitors to the medical company’s website use different web browsing software and different computers. To make your visits easier with the technology you use, we automatically record the type of browser and operating system used by a visitor, as well as the name of the visitor’s ISP. We also record the total number of visitors to the site in a cumulative way so that we can update and improve our site. No personal information is exported using this process. This data shows us whether visitors prefer certain features or parts of the site to others, which helps us keep our site up to date with new content that is of interest to the majority of our visitors. Specifically, the cookies used by us are:
Absolutely necessary for the operation of the website and the identification of users (essential): The strictly necessary cookies are fundamentally important for the proper functioning of our website and allow you to browse and use the functions, such as accessing secure areas of the site. These cookies do not recognize your personal identity. Without these cookies, we are unable to offer efficient use of our website.
What if you do not want cookies? If you do not want cookies, you can use the special banner that pops up. At that time, you can select which of the settings you prefer for your computer ACCEPT, NOT ACCEPT (check the Help menu of the browser you use to learn how you can change or update the cookie settings correctly).
Rejecting cookies may affect your ability to use some of the services on the medical company website.