privacy policy

Home / privacy policy

PRIVACY POLICY REGARDING PERSONAL DATA

Data confidentiality is extremely important for SC LISIMED SRL and we want to be as transparent and open as possible regarding the processing of personal data. Therefore, we have adopted the policy that defines how we process and protect your personal data. Ensuring the protection and appropriate use of personal data is a permanent priority for us.

 

We are constantly improving security and data privacy measures to ensure the highest standards imposed by Regulation 679/2016 of the European Parliament and the Council of the European Union on the protection of individuals with regard to the processing of personal data (hereinafter "GDPR"), which strengthens the rights of data subjects and the security of personal data processing in the European Union. It entered into force as of May 25, 2018. In this context, we are contacting you to inform you about your rights regarding the personal data that belong to you and that may be held and processed by us.

 

The EU General Regulation on the protection of personal data 679/2016 / GDPR, which repealed and replaced law 677/2001 on 25 May 2018, describes personal data as any information relating to an identified or identifiable natural person (the person concerned ) directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, as well as one or more specific factors, physical, physiological, genetic, mental, economic, cultural or social of that natural person. Personal data therefore refer to a natural person, who can be identified by using the previously mentioned data categories. The identification can be made by a single piece of information or by correlation with any other information in the possession of the data controller or that could come into its possession. In accordance with our obligations to inform you about any data processing operation your personal information, we inform you of the following:

 

Who is SC LISIMED SRL?

SC LISIMED SRL. is a Romanian legal entity, registered at the Trade Register attached to the Olt Court under number J28/871/2004, with Unique Registration Code - 17070485, with headquarters in the municipality of Slatina, str. Jianu, no. 3, county of Olt.

 

What personal data is processed by SC LISIMED SRL on the date of transmission of this privacy notice?

SC LISIMED SRL can process any of the following categories of personal data that could concern you:

  • Name
  • First name
  • Address
  • CNP
  • Phone number
  • email address
  • Transaction history

 

How does SC LISIMED SRL manage your personal data?

SC LISIMED SRL complies with its obligations under national legislation and the GDPR through actions such as:

– Updating personal data;

– Storing and destroying them safely;

– Avoiding the collection or storage of excessive amounts of data;

– Application of appropriate technical measures to protect personal data;

– Protection of personal data against loss, misuse, unauthorized access and disclosure;

 

For what purposes can SC LISIMED SRL process your personal data?

SC LISIMED SRL can use your personal data for the following purposes:

  • Conclusion and execution of requests for medical services and related service contracts
  • The provision of services associated with the conclusion, execution and management of contracts (on all communication channels used by SC LISIMED SRL), for purposes that include:
  • providing information
  • solving patients' requests
  • resolving claims and petitions
  • informing the persons concerned about news, events, as well as documentation and reporting in accordance with the laws in force
  • operation of corporate web pages and client portals
  • conducting market research (including surveys) and marketing campaigns regarding current or potential goods and services
  • operating and tracking activities on social media channels.

 

In what situations is the processing of your personal data justified?

SC LISIMED SRL can base its processing of your personal data on any (one or more) of the legal grounds below:

  • Consent: the data subject has given his consent to the processing of his personal data for one or more specific purposes.
  • Execution of a contract: processing is necessary for the execution of a contract to which the data subject is a party or to take steps at the request of the data subject before concluding a contract.
  • Compliance with legal obligations: processing is necessary to comply with the operator's obligations arising from laws or other normative acts.
  • The legitimate interest of the operator: the processing is necessary for the purposes of the legitimate interests pursued by the operator or a third party, unless the interests or fundamental rights and freedoms of the data subject prevail, which involve the protection of personal data, in particular when the person the target is a child.

 

In what situations can your personal data be transferred to other parties?

There may be situations where it is necessary to transfer your personal data to certain suppliers/proxies who provide services to/on behalf of our company. If we need to pass on your personal data to a third party, we will only do so after obtaining your consent or for the purpose of performing a contract, unless we are legally required to do so. Any third parties to whom we communicate your data are obliged to keep this data safe and use it only to perform the activity for which they were authorized under the law or the contracted service. When they do not need your data to provide this service, they will destroy them under the conditions provided by the regulations in force, according to our procedures, issued in accordance with them.

 

What is the duration of the processing/retention of your personal data?

We will not keep your personal data longer than is reasonably necessary, in accordance with the purpose of this processing or in accordance with applicable legal obligations.

 

What are your rights regarding personal data?

Unless you are subject to an exception under the General Data Protection Regulation, you have the following rights regarding your personal data:

  • The right of access – you have the right to request a copy of the information we hold about you.
  • The right to rectification – you have the right to correct the data we hold about you, if it turns out to be inaccurate, incorrect or incomplete.
  • The right to be forgotten – in certain circumstances, you can ask for the data we hold to be deleted from our records.
  • The right to restriction of processing - under certain conditions, you have the right to request the restriction of the processing of your personal data.
  • The right to portability – you have the right to request the transfer of the data we hold about you to another organisation, if the applicable conditions regarding this data are met.
  • The right to object – you have the right to object to certain types of processing, such as, for example, processing for direct marketing purposes. The right to object to the processing of your personal data for the purpose of direct marketing communication is absolute and cannot be denied by us under any circumstances.
  • The right to object to processing acts involving automatic decision-making – you also have the right to object to data processing acts involving automatic decision-making (eg profiling).
  • The right to complain - if we refuse your request for access to personal data that belongs to you, we will give you a reason for the refusal. If you are unsatisfied with the answer, you can report to the data protection officer of SC LISIMED SRL and/or the relevant authorities (ANSPDCP).

If the basis for the processing is your consent, we remind you that you can revoke this consent at any time. If consent is the only legal basis for processing, any processing of your personal data will cease once you have revoked this consent, but this will not affect the processing of personal data that was carried out before the revocation.

 

What are the special circumstances?

  • Transfer of data abroad – if personal data will be transferred to countries or territories outside the EU, we will communicate details of how the data will be protected, together with details of how to obtain the relevant safeguards.
  • Automated decision-making – if we develop an automated decision-making process through personal data processing acts, we will provide you with details of any processing together with information about the meaning and consequences of the processing.
  • Further processing – if we want to use your personal data for a new purpose that is not covered by this data protection notice, we will provide you with a new notice explaining this new use before we start processing and setting out the relevant purposes and conditions Processing. When and whenever necessary, we will seek to obtain your prior consent for new processing.

 

How can you contact us?

For more details and to ask questions or complaints regarding the protection of your personal data, you can use the following contact details:

Responsible for the protection of personal data of SC LISIMED SRL: VLAICU SEBASTIAN; E-mail: contabilitate@lisimed.ro