Klīnika Dzintari | Privātuma politika
17544
page-template-default,page,page-id-17544,ajax_fade,page_not_loaded,,qode-theme-ver-13.2,qode-theme-starflix,wpb-js-composer js-comp-ver-5.4.5,vc_responsive

“Clinic Dzintari” privacy policy

PRIVACY POLICY OF SIA KLĪNIKA DZINTARI (CLINIC DZINTARI)

 

The objective of the privacy policy is to provide information on the purpose, amount, protection and period of data processing to a natural person – data subject – at the moment of obtaining the data and during the processing of the personal data of the subject.

  1. Controller:
    • Personal data processing controller is SIA Klīnika Dzintari (Clinic Dzintari) (hereinafter – the Clinic), unified registration No. 40003461335, legal address Jūrmala, Mežsargu street 4/6, LV-2008.
    • The contact information of the clinic on the issues associated with personal data processing is: dzintari@dzintari.lv. Use this contact information for requests on personal data processing, or request at the legal address. Requests regarding the implementation of your rights can be submitted in accordance with this Privacy Policy.
  2. Applicability of the Privacy Policy
    • Personal data are any information on an identified or identifiable natural person.
    • The privacy policy is applicable for the purposes of ensuring privacy and personal data protection as regards:
      • natural persons – customers, patients and other service recipients, as well as third parties, who receive or submit any information associated with the provision of services to natural persons (patient, customer) to the Clinic (including information on contact persons, payers, etc.);
      • Visitors of the office of the Clinic, including the visitors that are subject to video surveillance;
      • Users of the internet website maintained by the Clinic;

(hereinafter all jointly – the Customers).

  • The Clinic shall take care of Customer privacy and personal data protection and observe the Customer’s rights for the legality of personal data processing in accordance with Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter – the Regulation) and other regulatory enactments in the area of privacy and data processing.
  • The privacy policy shall refer to data processing irrespective of the form of data submission or processing.
  • The clinic may establish additional regulations for certain types of data processing, regarding which the Customers are informed at the moment, when they provide the respective data.
  1. Purposes of processing – The Clinic processes personal data for the following purposes:
    • Provision of services;
    • Customer identification and servicing;
    • Drafting and conclusion of services;
    • Performance of contractual liabilities and provision of services;
    • Advertising and distribution of services or commercial purposes;
    • Review and processing of applications, complaints and claims;
    • Customer satisfaction measurements;
    • Administration of payments, debt recovery and enforcement;
    • Maintenance of the website and improvement of its operation;
    • Planning and advertising;
    • Performance of Customer polls;
    • Within the framework of risk management activities.
    • Provision of information to state government institutions and operative work subjects in the cases and within the scope provided for by external regulatory enactments.
    • For other specific purposes, regarding which the customer shall be informed before the provision of their personal data.
  2. Legal basis of personal data processing
    • for the conclusion of the contract and execution thereof – in order to conclude a contract, pursuant to the application, and to ensure its performance;
    • for compliance with the regulatory enactments – to perform the duties provided for by the regulatory enactments;
    • consent of data subject;
    • in legal (legitimate) interests – to implement the following legitimate (lawful) interests of the Clinic arising from the existing liabilities or concluded contract:
      • conduct of commercial activities;
      • ensuring of the performance of contractual liabilities;
      • storing of applications for the provision of services, other applications, notes about them, incl., verbal applications, applications drawn up on the internet website;
      • creation and development of services;
      • advertising of services by sending commercial statements;
      • sending other statements on the procedure of contract performance and events important for the execution of the contract, as well as performance of Customer polling about the services;
      • provision and upgrading of service quality;
      • administration of payments;
      • administration of payments not performed;
      • applications to central government and operative institutions and courts for the protection of the legal interests of the company;
      • informing the public on company operation.
  1. Personal data processing and protection
    • The Clinic shall process and protect data by using the opportunities provided by contemporary technologies, considering the existing privacy risks and reasonably available organizational, financial and technical resources.
    • The Clinic may authorize its co-operation partners to perform individual service provision actions to ensure high quality and operative performance of assumed contractual liabilities, for instance, accommodation services, drafting of invoices, etc. If, during the performance of these tasks, the co-operation partners process the personal data that are at the disposal of the Clinic, the respective co-operation partners are considered to be the data processing operators (processors) of the Clinic and the Clinic is entitled to submit the personal data required for the performance of these operations in the amount that is required to perform such operations.
    • The co-operation partners of the Clinic in the status of data processors shall ensure compliance with personal data processing and protection requirements in accordance with the regulatory enactments and will not use the personal data for other purposes, apart from the performance of the agreed contractual liabilities on the commission of the Clinic.
  2. Categories of personal data recipients
    • The Clinic shall not disclose personal data or any information obtained during the service provision and the effective period of the contract, including information on the character and nature of the services, etc., except for situations:
      • where the data must be submitted to the third party within the framework of the concluded contract to perform a function required for contract performance or a function delegated by the law, (for instance, to the bank within the framework of payment performance or in order to provide service);
      • where clear and unambiguous consent of the data subject has been received;
      • where the information must be provided to persons indicated in the regulatory enactments based on justified request of such persons, in accordance with the procedures and in the amount provided for by the regulatory enactments;
      • where the legal interests of the Clinic must be protected in the cases provided for by the regulatory enactments, for instance, when resorting to legal action or applying to other state institutions.
  1. Disclosing of personal data beyond the European Union
    • The Clinic does not transfer personal data outside the European Union.
    • If required, the Clinic shall ensure the procedures provided for by the regulatory enactments in order to ensure the level of personal data processing and protection that is equivalent to the level provided for by the Regulation.
  2. Duration of personal data storage
    • The Clinic shall store and process personal data, while at least one of the following criteria exists:
      • the concluded contract is in effect;
      • in the cases provided for by the regulatory enactments in the amount and within the period provided for by them;
      • while any of the parties has a legal duty to store the data;
      • the consent of the data subject to the processing of the personal data of the respective person is in effect, unless other legal grounds for data processing exists.
    • Upon the expiry of the data storage period, the personal data shall be deleted or destroyed.
  3. Access to personal data and other rights
    • The Customer shall be entitled to receive the information associated with their data processing that has been provided for by the regulatory enactments.
    • In accordance with the regulatory enactments, the Customer is entitled to request access to their personal data, as well as to request the supplementing, amending or deletion of processed data, or limitation of data processing, as well as they are entitled to object to data processing (including the processing of personal data that has been performed based on the legal (legitimate) interests of the Clinic), as well as the Customer shall have the right to transferability of the data. These rights shall be implemented as long as data processing is not contingent on the duties of the Customer that are enforced by the effective regulatory enactments and it is not performed in the public interest.
    • The customer can submit a request for the implementation of their rights:
      • in writing personally at Mežsargu street 4/6, Jūrmala, by demonstrating a personal identification document;
      • by an electronic mail letter, which is signed by a secure electronic signature.
    • Upon the receipt of the Customer’s request for the implementation of their rights, the Clinic shall verify the identity of the Customer, evaluate the request and satisfy it in accordance with the provisions of the regulatory enactments.
    • The clinic shall send the reply to the received request by mail to the indicated contact address in a registered letter, or issues personally, considering the method for the receipt of the reply indicated by the Customer as much as it is possible.
    • The Clinic shall ensure compliance with data processing and protection requirements in accordance with regulatory enactments and, in the event of objections, take action to resolve objections. However, if resolution of the objections fails, the Customer is entitled to apply to the supervisory institution – Data State Inspectorate.
  4. Consent to data processing and the right to recall it
    • If data processing of the customer occurs in accordance with the consent to personal data processing, the Customer is entitled to recall consent given for data processing at any moment in the same way as it was given and, in this case, further data processing that is based on the consent given previously will no longer be performed.
    • The recalling of consent does not affect the data processing that had been performed at the time when Customer consent was in effect.
    • Upon the recalling of consent, the data processing that is performed based on other legal grounds cannot be terminated.
  5. Communication with the Customer
    • The Clinic shall communicate with the Customer by using the contact information indicated by the Customer (telephone number, e-mail address, postal address);
    • Communication regarding the provision of services and the performance of contractual liabilities shall be performed by the Clinic based on the concluded contract or customer consent.
  6. Commercial statements
    • Communication on the commercial statements on the services of the Clinic and/or third parties and other statements not directly related to the provision of the contractual services (for instance, customer polls) shall be performed by the Clinic in accordance with the provisions of external regulatory enactments or in accordance with the Customer consent.
    • The Customer can give consent to the receipt of commercial statements of the Clinic and/or its co-operation partners in the consent forms to the services of the Clinic, on the internet website of the services (for instance, application forms for the receipt of news).
    • The consent given by the Customer to the receipt of commercial statements shall be in effect until it is recalled (including the termination of the service contract). The Customer may refuse to receive further commercial statements at any time in one of the following ways:
      • by sending an e-mail to the address dzintari@dzintari.lv;
      • personally in Jūrmala at Mežsargu street 4/6;
      • by using the automated option of refusal to receive further statements provided within the commercial statement, by clicking on the refusal link at the end of the respective commercial statement (e-mail).
    • The Clinic shall terminate the delivery of commercial statements, as soon as the Customer’s request is processed.

 

  1. Visiting websites and processing of cookies
    • The websites of the Clinic can use cookies.
    • The website of the Clinic can contain links to third party websites that have their own publishing and personal data protection regulations that the Clinic shall not be liable for.
    • Cookies are small text files that are saved by the web browser (for instance, Internet Explorer, Firefox, Safari, etc.) on the end device of the user (computer, mobile phone, tablet) at the moment when the user visits the website to identify the web browser or information, or settings stored on the browser. Thus, cookies allow the website to store individual settings of the user, recognise the user and react appropriately with the purpose of improving the experience of the use of the website. The user can disable or limit the use of cookies, however, adequate use of all website functions without cookies will be impossible. Depending on the performed functions and the purpose of use, mandatory cookies, functional cookies, analytical cookies and targeted (advertising) cookies can be used.
    • Mandatory cookies. These cookies are required to enable the user to freely visit and browse the website and use the options offered by the website, including the option of acquiring information on services and the purchasing thereof. These cookies identify the device of the user, but do not disclose the identity of the user, as well as they do not collect and summarize information. The website cannot function adequately without these cookies, for instance, provide the required information to the user, ensure the required services or application for services. These cookies are stored on the device of the user until the moment when the web browser is closed.
    • Functional cookies. Functional cookies are used by the website to remember the settings selected by the user and options made by the user in order to make the use of the website more convenient. These cookies are constantly stored on the device of the user.
    • Analytical cookies. Analytical cookies summarize the information on how the user uses the website, detect the most frequently visited sections, including the content that the user chooses, while browsing the website. The information is used for analytical purposes to determine what the users of the website are interested in and to improve the functionality of the website by making it more user friendly. Analytical cookies only identify the device of the user, but do not disclose the identity of the user. In individual cases, some of the analytical cookies are managed by third persons – data processors (operators), for instance Google Adwords, on behalf of the website owner in accordance with the website owner’s instructions and only in accordance with the indicated purposes.
    • Targeted (advertising) cookies. Targeted (advertising) cookies are used to summarize the information on the websites that are most frequently visited by the user and offering the services of the Clinic or co-operation partners that the particular user is interested in or to present the offers that conform to the interest demonstrated by the particular user. Usually these cookies are placed by third persons, for instance, Google Adwords with the consent of the website owner. Targeted cookies are stored on the end-device of the user constantly.
    • Cookies are used to improve the experience of websites and homepages:
      • ensure the functionality of websites;
      • adapt the functionality of the website to usage habits of the user – including language, search requests, previously reviewed content;
      • obtain statistical data about the visitor flow of the website – number of visitors, time spent on the website, etc.;
      • user authentication.
    • Unless specified otherwise, cookies are stored until the operation, for the purpose of performance of which they have been collected is completed, and then they are erased.
    • Cookie information is not transferred for processing outside the European Union and EEU.
    • Upon a visit to the website, a window with the notification that cookies are used on the website is displayed. By closing this notification window, the user confirms that they have read the information on cookies, purposes of their use, cases where cookie information is transferred to a third party and agrees to them. Respectively, the legal basis for the use of cookies is the consent of the users. If, while using the website or homepage, the user concludes a contract – the processing of cookies is required for the performance of the contract with the user, or for the Clinic to perform their legal duty or implement their legal interests. Limiting or deletion of cookies is possible by using the safety settings of any web browser. However, it must be considered that it is impossible to refuse to use mandatory and functional cookies, because it is impossible to ensure appropriate use of the website without them.
  2. Miscellaneous provisions
    • The Clinic is entitled to amend the Privacy Policy, by making it accessible to the Customer on the website or the paper form of the Clinic.
    • The clinic stores the previous editions of the Privacy Policy and they are accessible on the website of the Clinic.