This Policy aims at informing you about:
- The type of personal data We collect when You make use of the Website and its services
- The purpose and the legal basis for the collection and processing of Your personal data when You make use of the Website
- How we process Your personal data when You make use of the Website
- The recipients of Your persona data and the purpose of their processing, along with the legal bases according to which we process Your data
- Your rights and options with respect to Your personal data
- How You can contact Us about any issue You may have regarding Your personal data
1. Who is the Data Controller?
1.1. The Controller of Your personal data is “DOCTOR NEXT TO ME P.C.” (Doctor Next to Me). Our Company has its registered seat in Athens, Greece (Zografou region) at 45, Galini Street, Postal Code 15772 and the Tax Registration Number (AFM) No 800869936, of the Public Fiscal Authority (DOY) Athens IB.
1.2. Contact Details: Tel. No +30 212 1042659, email: [email protected]
- A) By Phone: +30 212 1042659, Monday to Friday 09:00 - 17:00.
- B) By Email [email protected]
- C) By post: 45, Galini Street Athens, Athens, Greece (Zografou region), Postal Code: 15772
2. What are personal data and how does our Company process it?
Personal Data is any information that relates to You or may be attributed to You by allowing, either separately or in combination with others, Your unique identification. For example, the name, surname, father name, address, postcode, city, country, county / region, phone, mobile, fax and user data, such as email, username, according to the General Data Protection Regulation, applicable Greek law (Law 4624/2019, Law 3471/2006) and the decisions of EDPB (former WP29) and the Hellenic Data Protection Authority (HDPA). Additionally, personal data is also any technical data that concerns You and can identify You with a treatment such as IP address or web pages from which You entered our Website, etc.
Indicatively, We may collect the following personal data about You:
- Identity data: (full name), which You provide to Us when You fill out the contact form on Our Website.
- Contact Information: (email address and optionally Your mobile phone number), which You provide to Us when You fill out the contact form on the Website and/or subscribe to our Newsletter.
3. What is the purpose and legal basis of each processing?
3.1. We process Your personal data when:
- You navigate the Website,
- You communicate with Our Company through the Contact Form available on the Website (or otherwise),
- You subscribe to Our newsletter
- You have consented to Us collecting/receiving various types of personal data, either directly from You or from third parties and/or by automated means.
3.2. We process Your personal data under very specific circumstances, for very limited purposes and according to specific legal bases.
3.2.1. Communication with our company through Our Contact Form: We process the information You provide in our Contact Form in order to (a) handle any communication requests that You voluntarily submit to Us and (b) respond to You further to Your request. We only ask for Your name, Your e-mail and any information You wish provide on Your message. You may optionally fill out Your telephone number and fill out a subject for Your request, that will help Us identify and manage Your request faster.
In order to process these data, We rely on Your consent, which You provide to Us when You deliberately communicate in regards with Your request. You may withdraw Your consent at any time by contacting our Company through the contact details referred to in Section 1. Kindly note that when You communicate with Us through Our Contact Form, Your actions do not lead to Your subscription in Our list of newsletter recipients.
*Important notice regarding the information You provide to Us through the contact form:
We encourage You to provide Us only with the information that is strictly necessary for Your communication with Us. Try not to include in Your message information such as specific categories of personal data (e.g. health data) or any other information that is not absolutely necessary for the purpose of Your communication with our Company. We cannot (and have no obligation to) control the legality of the content of Your message. The Company shall not be held liable if the content of Your message is illegal and / or if You provide Us with personal data that are either unrelated or supersede the information that is absolutely necessary for the purpose of communicating with Us regarding Your request.
3.2.2. Newsletter Subscription: We are processing Your personal data when You voluntarily subscribe to our Newsletter. We do not process any data other than Your e-mail address.
When You fill out Your e-mail address in the respective field in our Website, You consent to receipt of advertising material from Us regarding the products and services, any offers and/or discounts, new collaborations of our Company, new Services etc. In case You do not wish to receive Our newsletter, You can unsubscribe from Our mailing list, either by clicking on the link provided in each Newsletter or by sending Us an e-mail at [email protected].
4. How long do We keep Your personal data for?
4.1. We will retain Your personal data for as long as You continue to interact with Us and for as long as this data is necessary to fulfill the processing purposes described herein (e.g. when communicating with our Company through the Website, the data will be retained only for as long as it is necessary for the communication between us). For example, We may store some of Your personal data for a short period of time in order to manage any legal claims or dispute related to the use of the Website that are brought against Our Company (e.g., extra-judicial disputes, any disputes and litigation before the competent courts and/or prosecutor and/or other authorities). We will only store those data for the period during which any liability for the processing may arise, in accordance with applicable law and for a maximum duration of 5 years.
4.2. In determining the retention time of Your personal data, We take into account the nature of Your data, the amount, the purpose of its processing, their security, etc. You have the right to ask Us to delete Your data provided that the legal rights of Our Company are not affected and / or there is no legal obligation to retain Your information according to the aforementioned. To learn about how to exercise Your rights, please refer to Section 5 of this Policy.
4.3. In any event, as long as We retain Your data, such information is securely stored, in accordance with the security measures set forth in Section 7 below.
5. What are Your rights and what are the procedures for exercising them?
5.1. You can exercise Your rights using our company’s contact details.
5.2. The rights that You can exercise (where appropriate and subject to the conditions set out in the General Data Protection Regulation – GDPR) are:
- the right of access (Article 15),
- the right of rectification (Article 16),
- the right of erasure (Article 17),
- the right to restriction of processing (Article 18),
- the right to data portability (Article 20),
- the right to object (Article 21),
- the right to human intervention in automated individual decision-making, including profiling (Article 22).
We take under serious consideration the confidentiality of all files that contain personal data and We reserve the right to ask You to prove Your identity if You exercise any of Your rights with regard to those files.
5.3. We will not charge You for the exercise of Your rights with respect to Your personal data unless, as stipulated by law, Your request to access certain information is unfounded or excessive, in which case We have the right to charge a reasonable fee under specific conditions. In any case, We will notify You of any charges before processing Your request.
5.4. Our goal is to respond to any valid requests within one (1) month after receiving them, unless it is particularly complicated, or in case You have made several requests. We will let You know if We are going to need more than one (1) month for the reasons listed above.
5.5. Report to a Supervisory Authority: You also have the right to lodge a complaint with the local Supervisory Authority about the processing of Your personal data after first contacting Us to find a solution to any of Your problems. In Greece, the Data Protection Supervisory Authority is the Hellenic Data Protection Authority - HDPA (www.dpa.gr), 1-3 Kifissias str., 11523 Athens, 2106475600, fax. 210 6475628.
6. Who are the third-party recipients of Your data?
6.1. For the smooth and uninterrupted operation of the Website Our Company works with third parties who gain access only to your personal data disclosed to Us, that are absolutely necessary for the functional and technical organization of Our Website, the optimization of the User experience, the submission of the Contact Form by the Users etc. Indicatively, our affiliated companies include the company that technically supports and hosts the Website and the company that supports Our newsletter delivery service.
Upon processing Your data to such third-party companies, We make sure to provide the highest level of safety, at all times. Your personal data are transferred only to service providers which have been carefully selected and are contractually bound with Us.
6.3. Our company generally stores all personal data within the European Economic Area (hereinafter “EEA”). In case of a transfer of data to a third country (located outside the EEA), for which there is no adequacy decision ensuring the safe data transfers between the EU and said country, or to International Organizations, Our Company implements all appropriate safeguards as provided by the applicable legal framework for the protection of personal data regarding said transfers to third countries and all necessary information shall be made available at our Website.
6.4. For example, when Your personal data need to be transferred to the USA or other non-EU/EEA countries, We might need to rely on Your consent, after You have carefully considered the potential risks to Your privacy. For instance, given that under a recent ECJ (European Court of Justice) ruling, the US data protection regime was considered inadequate to provide appropriate safeguards to ensure a level of protection essentially equivalent to the EU legal framework. A reason for that was based on the possibility of interference arising from the governmental surveillance programmes in the United States and the fact that EU citizens might not be granted actionable rights before the courts against the US authorities. In any case of transfer outside the EU/EEA, We will make sure to apply all appropriate and necessary safeguards, including Standard Contractual Clauses, to make sure that We have taken measures for the data transferred.
6.5. Third Parties for Advertising Products and Services: We do not actively share personal information with third party advertisers for their direct marketing purposes unless You give Us Your consent. We may share:
- aggregated information (information referring to You and other users of the Website collectively, which cannot directly identify You);
- (ii) anonymous information; and
- (iii) certain technical information (including IP Addresses, MAC Addresses for mobile devices and mobile device IDs) to develop and deliver targeted advertising in the Service and on the websites of third parties.
We may also allow advertisers to collect these and similar types of information from the Website which they may share with Us and/or use it for advertising. Advertisers may collect this information with the use of a variety of tracking technologies, including browser cookies and web beacons. The information collected may be used to offer You targeted ad-selection and delivery in order to personalize Your user experience by ensuring that advertisements for products and services You see will appeal to You, a practice known as behavioral advertising, and to undertake web analytics (i.e. to analyze traffic and other end user activity to improve Your experience). To learn more about behavioral advertising or to opt-out of this type of advertising for participating ad networks, You can visit the Network Advertising Initiative or the Digital Advertising Alliance.
6.6. In case our Company is succeeded by another entity, for example in case We proceed with a business change such as merger, joint venture, acquisition by another company, or sale of all or part of Our Company’s assets, We may transfer all users’ information and data, including personal information to the succeeding entity. If significant changes are made to our privacy practices as a result of the business transition, We will inform You before transferring Your personal data. In the course of this process, stored personal data in our file may be communicated to the competent judicial, police and other administrative authorities at their legal request and in accordance with the applicable laws. Furthermore, in the case of a statutory provision, an order of a competent Public Authority or a formal preliminary examination, We may need to make some of that information available to the respective Authority.
6.7. We will not sell or otherwise disclose personal data or other information to third parties other than the ones mentioned above, without Your consent, except for when the applicable legal framework suggests otherwise; even then, We will only disclose that information to the competent authorities.
6.9. Finally, We may need to provide personal data to law enforcement authorities in order to comply with a legal obligation or a court order.
7. How is Your data secure?
7.1. Our company implements all necessary security measures for the protection and safeguarding of Your personal data from accidental or unauthorized destruction / loss / tampering, prohibited transmission or access and any other form of improper processing (e.g. Secure Protocols, Strong Passwords, Firewalls, Access rights control, partially encrypted information). However, We cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. Unfortunately, the transmission of information over the Internet is not completely secure. Although We strive to protect Your personal data, We cannot guarantee the security of Your data at all times. Please note that any transmission of data over the Internet through Our Website is carried out at Your own risk.
7.2. The information You provide to Our Company is processed exclusively by specifically authorized personnel under our company’s control and instructions, as well as the recipients of the personal data when necessary. For the processing, Our Company appoints persons with the appropriate professional skills to provide adequate safeguards in terms of technical knowledge and personal integrity to ensure privacy and protection of personal data. Our Company implements all necessary security measures for protecting and ensuring privacy and confidentiality, as well as the integrity of personal data. In any case, the security of personal data in the Website environment is subject to factors beyond our company’s control, as well as factors relating to technical, functional or other problems of the network, reasons of force majeure or events of chance. The technical and organizational measures We have taken enable restoration of access and availability of personal data in a timely manner in the event of physical or technical incident.
Last Updated 27/01/2021