PRIVACY DECLARATION – PERSONAL DATA PROTECTION POLICY
The company “Leverage Teleradiology Sole Proprietorship PC” is committed to protecting your privacy and handling your personal data in an open and transparent manner and in accordance with the definitions and requirements of the General Data Protection Regulation (GPA) no. 2016/679 on the Protection of Natural Persons against the processing of personal data and on the free movement of such data.
The collection and processing of personal data depends on the service or work assigned or agreed on a case-by-case basis, on a case-by-case contractual basis that binds us to the Personal Data subject (hereinafter IFRS), on legal obligations imposed on us by the current legislation, the legal rights granted to us, as well as by the explicit consent of the subject on a case by case basis.
They shall be processed within the expressly defined purposes, on the basis of the principles of legality, objectivity and transparency, the limitation of the purpose and the storage period, the minimization of data, accuracy, integrity and confidentiality and within the framework of necessity. and proportionality governing each processing operation. At the same time, it is ensured that from the beginning (“by design and by default”) technical and organizational security measures are taken to comply with the above system of principles, as well as its periodic review and updating.
Scope of Privacy Statement
The status of personal data protection is hereby determined, in the context of their processing by the company. This addresses and concerns persons traded with it, as well as any person whose personal data enters in any way in the possession of the company (candidates and existing partners of the company, ie customers, patients, etc.) and is described. the system of rules by which this processing takes place.
- Company Details
The “Leverage Teleradiology Sole Proprietorship PC” (“Leverage Teleradiology Sole Proprietorship PC”), is an approved legal entity of private law corporate type of sole proprietorship private capital company, based in Pylaia, Thessaloniki, 4B Ekatis Street, where its headquarters are located. It was established on 07.02.2019 and bears the Registration Number of GE.MI Companies: 149156605000.
Our company operates as the controller of the IFRS and the representative of the controller has been appointed Dimitrios Balis
The contact details with him are:
Address: Ekatis 4B, PC 55535 in Pylaia, Thessaloniki // e-mail: firstname.lastname@example.org // contact phone: +30.6932462271
Our company’s Data Protection Officer has been appointed μαζί and the contact details with him are: Address: Ekatis 4b’ – pylaia – thessaloniki // e-mail: email@example.com // contact phone: +30.6932462271
All kinds of written requests are submitted to the above postal and electronic addresses, as provided herein and in the law, either electronically or in printed form (in person by the subject of the IFRS himself or with a certified authorization to a third party for the original signature).
- Technical and Organizational Security Measures
The company takes from the beginning (“by design and by default”) the appropriate technical and organizational measures to ensure the protection of personal data and access to it for processing only by the controller or other persons authorized by him and exclusively for the legitimate purposes for which they have been collected, based on the applicable regulatory framework.
In the context of the present, the definitions of G.K.P.D. are used, among which the following are indicative:
“Personal data” (hereinafter referred to as IFRS) means information relating to identifiable or identifiable natural persons (“data subjects”), ie persons whose identity can be established directly or indirectly, in particular by reference to an identifier such as name, identity number, position data, online identity card or one or more factors that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
“IFRS processing” means any operation or sequence of operations performed with or without the use of automated means, in IFRSs or in IFRS assemblies, such as the collection, registration, organization, structure, storage, adaptation or modification; the retrieval, search for information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction.
“Processor” means a natural or legal person, public authority, service or other entity which, individually or jointly with others, determines the purposes and manner of processing personal data – where the purposes and manner of processing laid down by Union law or the law of a Member State, the controller or the specific criteria for his appointment may be laid down by Union law or the law of a Member State.
- Method of collection and retention time of IFRS
The company receives and processes IFRS, only in the context of a transactional relationship and in the context of its purpose of operation, depending on the type of contract or the service provided or the project assigned to it, which, indicatively mentioned, may be: , contact details (address, telephone number, electronic contact address), Tax Identification Number, Tax Identification Number, tax information for invoicing purposes, medical data (illustrations received from cooperating medical diagnostic centers, etc.), depending on the case.
The above information comes to our company, after their submission by the subjects in the context of a transactional or contractual relationship or in view of an application for the conclusion of such or from publicly accessible sources or from the diagnostic centers, with which the subjects contract.
IFRSs are kept for the period during which the contractual or business relationship between us lasts or for as long as your relevant consent exists or for the reasonable legal time to serve our rights or legitimate interests or for the exercise of our legal rights or in compliance with current legislation. You may at any time revoke your consent to the processing of the IFRS that concerns you, by notifying us in writing of your request, knowing that receipt of the request does not affect the legality of the prior processing, nor does it require compliance with your request, if another overriding legal reason prevails.
- Processing of special categories of IFRS and data concerning children
Our company does not process IFRS specific categories, such as those related to your racial or ethnic origin, your political views, your religious or philosophical beliefs, your participation in a trade union, etc., in order to identify you as its subject. processing.
It processes, however, health data in the context of its activity as a provider of diagnostic-teleradiology services, providing the digital platform for the transfer of images from diagnostic centers to physicians and vice versa of opinions from physicians to diagnostic centers.
The processing of IFRS concerning minors is carried out subject to the prior consent of the parents or those exercising parental responsibility, as provided by law, which takes place by the cooperating diagnostic centers.
- Purpose of IFRS Processing
The company carries out the necessary and necessary processing of IFRS, with the smallest possible intervention, to fulfill the following purposes, indicatively mentioned:
- Concluding and executing a contract – provision of services
- Fulfillment of a legal or contractual obligation or legitimate interest or safeguarding of vital interests
- Promotion of products and services, under legal conditions
Our company does not require for the conclusion of a contract data that are not required by the current legislation and consequently does not refuse the conclusion of a contract, as long as the subject consents to the provision of the legally necessary data that concern him.
In general, in the exercise of our activities, we do not use an automated process for making decisions or concluding a transactional relationship.
- IFRS recipients
Only the controller, its representatives or processors or legally authorized persons, within the scope of their responsibilities, have access to the IFRS that concern you, within the framework of proper execution and fulfillment of the contractual, legal and regulatory obligations of the company.
The company does not transmit or disclose IFRS to third parties, except to:
-cooperative physicians for the assignment and execution of diagnostic services, who are contractually bound by the Code of Medical Ethics),
-Public Authorities, Bodies of the wider Public sector, if obliged to do so
-cooperative natural or legal persons (eg accountants, lawyers, etc.), in the context of lawful exercise of contractual rights and fulfillment of legal obligations
-Electronic Transmission and Storage Companies, Providers of Electronic Services and “Cloud” Services, for electronic data management
-Credit Institutions and Payment Institutions, for the fulfillment of monetary and credit obligations and rights.
Our company legally ensures that the processors on its behalf meet the required conditions, provide adequate security guarantees for the implementation of appropriate technical and organizational measures and adhere to the commitment of confidentiality, so that the processing of IFRS does not affect the rights of subjects.
In addition, the company does not transmit IFRS to third countries or international organizations, unless required by applicable law or regulation.
- Rights of IFRS Subjects
In the context of the implementation of the GCP, you retain the following rights, which you can exercise by submitting the relevant forms, electronically or in writing, according to the above:
- Right of access (information on complied with IFRS and receipt of copies)
- Right of correction (correction of inaccurate or incorrect information in the observed IFRS)
- Right of deletion (deletion of data or cessation of their use, under the restrictions provided by the GCC)
- Right of restriction (under the conditions set out in the GCC)
- Right to portability (direct transfer of IFRS to a third party, at your suggestion, in a properly structured format)
- Right of objection (provided that there are no compelling and lawful grounds for processing that are superior to your interests, rights or freedoms or for establishing, exercising or upholding legal claims)
Our company responds to your requests free of charge, without undue delay and within one month of their receipt, except in special cases, in which case the above deadline may be extended by two more months, if required, given the complexity or volume of requests. In the latter case, the company informs about the extension and the reasons for the delay within one month from the receipt of the request.
If your request is deemed manifestly unfounded or excessive by the controller, it reserves the right to charge a reasonable fee for processing it, taking into account the costs of satisfying it, or even refusing to pursue it.
In case your request cannot be satisfied, the company will inform you about it without delay, no later than one month from its receipt, for the relevant reasons and for your right to submit a complaint to the Personal Data Protection Authority (APDPH – 1-3 Kifissias Ave., PC 11523, Athens, tel .: 210-64.75.600 or e-mail: firstname.lastname@example.org), but also for your right to appeal to the competent judicial authorities.
“Cookies” identification files or electronic cookies are short software code texts, which are sent for storage from the website (“server”) of the company “Leverage Teleradiology Sole Proprietorship PC”. to the user terminal equipment via the browser used by the user.
The storage of cookies is allowed ONLY after the consent of the user, which can be implemented through the user’s browser or other application for the purposes of processing mentioned above. The user also has the ability to delete the Cookies stored on his terminal equipment at any time.