Privacy Policy – Personal Data Protection
The Orthopaedic Surgeon Dr Konstantinos Evangelou takes into consideration the protection of the privacy of his patients and clients, recognizing the fundamental importance of protecting personal data. For this reason, the aforementioned special doctor follows this Personal Data Privacy Policy with responsibility and rigor, which ensures the high level of medical services offered to you and strictly adheres and complies to the current legal framework, having fully complied with its obligations as Data Controller deriving from the General Data Protection Regulation (EU) 2016/679 (GDPR).
This Personal Data Protection Policy in accordance with Article 13 of the General Data Protection Regulation of the EU 2016/679 (GCPR or GDPR), as well as the relevant Greek legislation in force, informs you of the personal data relating to you, which is collected and processed by the aforementioned specialist doctor, the legal basis for their processing, the purposes of their processing, the way they are used and protected, the possibilities and the rights you have under the above legal frame.
This Personal Data Protection Policy, which provides any person – patient – client receives or is interested in receiving services from the above – mentioned specialist doctor may be amended at regular intervals to ensure that it is always up – to – date and consistent with existing legal provisions. Please visit our website papasotiriou-ortho.gr regularly to make sure you are aware of any changes. It will also be available at the receptionist’s facilities of the above specialist doctor premises.
What is personal data? – Basic Definitions
The term “personal data”, in accordance with Article 4§1 of the General Data Protection Policy (GDPR), refers to any information relating to an identified or identifiable individual (data subject), hereinafter referred to as “Personal Data or Data “. an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The term “processing” of personal data “in accordance with Article 4§2 of the General Data Protection Regulation of the EU 2016/679 (GDPR) refers to any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The term “Controller” of personal data, in accordance with Article 4§7 of the General Data Protection Regulation of the EU 2016/679 (GDPR), refers to the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
The term “data processor” of personal data pursuant to Article 4§8 of the General Data Protection Regulation of the EU 2016/679 (GCPR or GDPR) refers to the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The term “consent” of the person subject to personal data pursuant to Article 4§11 of the General Data Protection Regulation of the EU 2016/679 (CPC or GDPR) refers to any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
The term “data concerning health” in accordance with Article 4§15 of the General Data Protection Regulation of the EU 2016/679 (CPC or GDPR) refers to personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
What personal data relating to you does the above specialist doctor collects?
The aforementioned specialist doctor collects and processes only those personal data related to you which are strictly necessary to serve the purpose for which they were given and are used only for that purpose and only after the above specialist doctor has received your explicit prior consent. Particularly:
Common personal data relating you:
The specialist doctor collects only those personal data relating you which may include, but are not limited to: name, surname, gender, nationality, personal / family status, age, contact details (home address, and / or mobile phone number, e-mail address), bank details and payment details, ID number and / or Social Security Number (SSN), VAT number, competent tax office. This information and data will be included in the folder/domain and / or tab that will be created in either electronic or printed form.
Health data (sensitive data):
The aforementioned specialist doctor collects personal and health data relating you which are absolutely necessary for the provision of his medical services and care and the fulfillment of his obligations (i.e. medical history) under the necessary condition that you have explicitly provided him with your prior explicit consent for both your personal data collection and the provision to you of the relevant medical services offered by specialist doctor, either for health restoring/prevention purposes. All the aforementioned personal data relating you will be included in the folder that will be created either electronically or in paper form after you visit the doctor’s facility.
Data and Contact Details:
The aforementioned specialist doctor collects your name, address, and your contact information (including your email address and your phone number (landline and / or mobile).
Necessary Information for Payment and Invoicing:
In addition, the above specialist doctor collects information relating you which are necessary for pricing and payment of his services, as well as handling payment issues, such as your VAT, ID number, bank account details and payment information (eg IBAN), etc.
Online activity data:
The aforementioned specialist doctor also collects personal data relating you when you are using his online services and websites provided you have explicitly given your prior consent to that purpose. These personal data relating you may include your social media account ID, your IP address, and other online identifiers that you provide on-line when you are using the above website. The above stated clarifications applies only to online services and websites owned by the aforementioned specialist doctor and does not apply to information and persona data collected through any other web site or service.
The above specialist doctor states that he will not collect and process personal data relating minors without first obtaining the explicit and prior consent of the person who exercises parental care or custody of the minor.
What is the purpose of processing your personal data?
The aforementioned specialist doctor will process your personal data for the purposes listed below:
- To fulfil his contractual obligations to you, namely the provision of medical services either for the purpose of rehabilitation and / or prevention of a health problem, medical diagnosis and / or treatment purposes.
- To improve the quality of medical services provided to you.
- For any kind of communication with you in the context of services provision (including phone call, SMS, sending an e-mail to inform you about new services, remind, confirm appointment and / and recheck).
- To assess your qualifications and competencies you provide through CV for a job application in the premises of the above specialist doctor and for communicating with you for that purpose.
- For the general compliance of the specialist doctor with his / her legal obligations, resulting from the applicable tax, insurance, labor law, health laws and regulations, regarding the provision of his services and his general legal obligations, including his obligation to maintain a medical record (article 14 Greek Medical Ethic Code), the maintenance of a health data processing file (article 30 GDPR)
- To comply with medical procedures and court judgments in order to respond to requests from public and state agencies and authorities in the exercise of their public authority.
- To fulfil his legal interests.
- To defend his legitimate rights and claims in order to protect his legitimate interests or his associates and in order to safeguard his rights, privacy, security or property and his associates, your own legal claims or your rights, or others people.
From where the above specialist doctor collect and process your personal data?
Your personal data is collected:
- From you, when you contact him by phone, when filling electronic forms or sending an e-mail, or any other communication you may have with him for information or make use of his services.
- Automatically through your browser or mobile device that you use to access his website. When you visit and use his website for informational purposes only, he collects only the Personal Data relating you, which your browser transmits to the server (web page) and are technically necessary for properly displaying the website to you guaranteeing stability and security. Except for any Personal Data relating to you that is collected by Cookies ( Cookies Policy here), your Personal Data collection is limited to what you have expressly provided for a specific purpose and provided you have given your explicit prior consent. Also, the above specialist doctor collects Personal Data that is relevant to you during your visit to his website provided that you have expressly consented to this, by filling in the relevant fields.
- From social media pages, other social media content, tools, and applications.
- From you, when you visit specialist doctor premises to get information about the services provided in order to be able to provide his services to you.
Legal basis for processing your personal data
The processing of both your common personal data and your sensitive data is done in the performance of his contractual obligations to you, i.e. the provision of his services to you and is based on:
- by positive action, free, specific, explicit and fully informed consent, which you can freely revoke at any time.
- the conclusion and execution of a service contract between you and the above specialist doctor.
- upon your request when you visit his premises to receive information regarding services provided.
- the legal obligation of the specialist doctor to provide his services to you and to comply with applicable national and / or European legislation and to fulfil his legal obligations to public / state agencies and authorities.
- in his legitimate interest in the provision of his services, in the establishment, exercise or support of his legal claims.
Time of retention of your personal data
- When the aforementioned specialist doctor provides you his medical services, either for remedying a health problem and / or for prevention purposes, medical diagnosis or treatment, he maintains your personal data for as long as the relevant legislation, i.e. Greek Law 3418/2015, stipulates which is a period of at least ten (10) years,
- When the aforementioned specialist doctor must comply with a legal or regulatory obligation, he maintains your personal data for as long as it is required, in accordance with the relevant legislation in order to comply with his obligation.
- When it comes to communicating with you in general, your consent statement is kept for as long as you do not recall it.
- When it comes to filling a job position and sending a CV for a period of six (6) months from receipt.
Technical protection measures taken by the specialist doctor to protect your personal data
When you provide your personal data to the above specialist doctor, he takes the appropriate technical and organizational measures to ensure that they are kept in safety.
- Storing and maintaining your personal data (both common and sensitive) in electronic or printed form, in a special storage area, protected and secure, without unauthorized access.
Who are the recipients of your personal data?
The specialist doctor guarantees that he will not transmit, notify, concede, etc. your personal data (except as outlined above) unless it is required by applicable law and is required to be made to public / judicial / supervisory bodies and authorities. In each transmission of personal data on his own behalf the specialist doctor shall take all appropriate technical and organizational measures to ensure that the data transmitted are the minimum necessary and that the prerequisites for their lawful processing are met.
Your rights
You have the following rights under the legal framework of the GDPR:
- Right to access – Right to receive information on whether data is being processed and accessed. Right to information on this processing (who, for what purpose, recipients, retention period, etc.)
- Right to rectification – Right to correct inaccurate personal data and fill in incomplete information.
- Right to erasure (‘right to be forgotten’) – Right to request the deletion of any data relating to the subject under certain conditions and to the extent that it does not conflict with any other legal provision (data that are no longer necessary, withdrawal of consent, data submitted to illegal processing).
- Right to Restrict Processing – when data accuracy is questioned, processing is illegal, data is no longer needed by the controller, the data subject opposes the automated processing.
- Right to data portability – Right to request the transfer of personal data to another Person responsible for processing in a structured, widely used and mechanically readable form, as long as this does not conflict with another prohibition of law (eg medical confidentiality)
- The right to address to the relevant data protection authority for any matter concerning its competence in relation to the above described processing of personal data relating you.
You can exercise your above rights upon submitting a written request to the above doctor, who must respond to you without charge and within 30 days from the date of filing the application.
Consequences of non-provision of your data
In order the above specialist doctor to be able to provide you his services and perform of his contractual obligations the provision of your personal data is necessary; therefore, in the event of your refusal, for your provision of your necessary personal data, he will not be able to provide you with his services.
How do you contact us?
You can contact us for any questions regarding the processing of your personal data by sending an email to: drkonstantinos.evangelou@gmail.com
Publication Information – Changes and Updates
This Privacy Policy was last updated on [20.12.2020].
The above stated specialist doctor reserves the right to modify and update this Privacy Policy at any time, for any reason, without notice to you, other than posting the updated Privacy Policy on his website. It may periodically send an email to remind you of the changes and updates of this Privacy Policy, but you should check this website frequently to update your current Privacy Statement.
Cookies Policy
What cookies are
Cookies are small text files which are stored on your computer or your mobile phone when you visit a website. This way, the website remembers what you did on the website for a certain period of time, and you do not need to enter your preferences each time you visit it or navigate between its pages. Cookies do not collect information individually, but when they are read by a server through a browser program they can provide information and offer a more user-friendly experience.
What types of cookies papasotiriou-ortho.gr uses
It uses persistent cookies and session cookies.
The session cookies are deleted after you finish browsing and/or close your browser.
The persistent cookies remain in your computer or your mobile phone until you delete them yourselves or for a specific period.
Moreover, when you visit our website, certain affiliates (Google Analytics, Google AdWords, Facebook Pixel Code) place third-party cookies. They use these cookies to collect information about the effectiveness of adverts and your interaction with our website.
Our affiliates may use this information to draw statistical conclusions and improve your advertising experience as a visitor.
What cookies we use on our website and what information they collect
The orthopedikos.org website uses cookies for various purposes, depending on their function:
Essential cookies – Essential cookies are absolutely essential for the website to operate properly. They allow you to browse the website and use its features, such as accessing secure areas or using the shopping basket. These cookies do not identify you. Without these cookies, our website cannot operate effectively.
Functionality cookies – Functionality cookies allow the website to remember choices you make, such as your user name, language and the region you are in. This means we can provide you with enhanced, personalized features. Moreover, they help us provide services you have asked for, such as watching a video or using social media. They do not enable us to track your browsing activity on other websites.
Traffic data processing cookies – We use traffic data processing cookies to track technical issues that might arise while you are browsing our website. Based on the information collected by these cookies, we correct technical issues and problems and we constantly improve the services offered on our website. This enables us to better meet your personal needs. The cookies are not used for any purposes other than the ones described in this document.
Performance cookies – Performance cookies collect information about how you use our website, for instance which pages you visit most often, and whether you get error messages. All information collected by these cookies is aggregated. It is only used to improve our website performance.
Targeting/Advertising and usage statistics cookies – These cookies are used to deliver content that is more relevant to you and your interests. They may be used to deliver targeted adverts/offers, to limit advert views and to measure the effectiveness of an advertising campaign. They may be used so we can remember the websites you have visited, so as to identify the effectiveness of digital marketing channels and reward other websites and affiliates for redirecting you to our website. To improve our website, we also use cookies to collect information about the time and way in which visitors interact with our website, the adverts and the services it offers. For instance, cookies are used to determine how many times a visitor saw a certain product or service, and whether they chose to share it on a social media platform.
Social media cookies – These cookies are necessary to sign in to your social media account through our website. For example, you may share information from our website on social media or with your friends, or follow our website on social media. The social media cookies are not necessary to browse through our website.
How to control cookies
Cookies are stored on your computer or mobile phone after you have been notified of the privacy settings and have given your consent for each cookie category, with the exception of essential cookies, functionality cookies and traffic data processing cookies, for which explicit consent is not required. Unless you accept cookies or certain cookie categories, some of your website features may not be fully available, but in any case, you will not be denied access to our website.
It is up to you at any time to withdraw your consent, object to the use of cookies on your computer or browser, or control and/or delete the cookies.
You may delete the cookies from the computer or mobile phone you use at any time as follows:
- For Mozilla Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
- For Google Chrome https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
- For Internet Explorer: https://support.microsoft.com/en-us/help/278835/how-to-delete-cookie-files-in-internet-explorer
This way you withdraw your consent for the use of cookies on your computer or mobile phone.
You may also set your browser to warn you on the use of cookies for specific website services or to not allow the use of cookies in any event.
What your rights are
You have the right to ask for information on the processing of your data, have access to it, and rectify and/or supplement it at any time. You also have the right to request erasure of your data, request restriction of its processing or withdraw your consent on the use of some or all the cookies, and by extension on the processing of your data. Please find more information on the Greek Data protection Authority website: https://www.dpa.gr/en
To exercise your rights on orthopedikos.org, you may email your request to drkonstantinos.evangelou@gmail.com.