PERSONAL DATA PROTECTION POLICY
- A few words about our website
The website www.reamaternity.gr is the Hospital’s website, including content on medical services, information on the operation of the departments, as well as useful information for the patients, such as policies and regulations of the Hospital and scientific articles.
The personal data that you provide us during your navigation to our website, as well as during your login as a user to our services, is processed and stored in a file under the Hospital’s responsibility.
- What are the personal data?
The term “personal data”, as used in this Policy, means any information relating to natural persons, either individuals or professionals, such as first and last name, mailing address, e-mail address, contact telephone number, financial data, etc., which can be used to identify our website visitor, hereinafter referred to as “Personal Data or Data”.
- What does Processing of Personal Data mean?
Processing of Personal Data is the collection, registration, organisation, storage, adaptation, modification, retrieval, search of information, use, transmission to third parties, dissemination, association, combination, restriction, deletion and destruction of Personal Data of natural persons.
- What kind of Data do we collect about you?
- A) During your visit and navigation to the website:
We do not collect your Data, with the exception of any Data collected by way of Cookies that you have permitted to be used subject to your consent and are described in detail in the Cookies Policy here: http://www.reamaternity.gr/cookies-policy/.
- B) Furthermore, if you have given your consent to receiving newsletters, we register your e-mail address in the “newsletter mailing list”.
- For what purpose do we process your data?
We collect your Data solely for the purposes of the services we provide through the website www.reamaternity.gr, and particularly for:
- a) provision of information on Hospital’s matters; b) newsletter sending.
- What is the legal basis for processing your Data?
The data processing of the natural persons is subject to the individual consent of the user.
- Who are the recipients of your Data?
The recipients of your Data are the absolutely necessary staff of the Hospital, which is committed to maintain confidentiality, and the co-operating company “Global One Ltd”, which manages the Hospital’s website and processes your Data as Data Processor on behalf and in accordance with the Hospital’s orders.
We may share or disclose your Data, if explicitly requested by you or required by law.
- How do we ensure that Processors respect your Personal Data?
Processors have agreed and are contractually bound to the Hospital:
- to respect confidentiality;
- to refrain from sending your Data to third parties without the Hospital’s permission;
- to take the necessary security measures;
- to comply with the legal framework on personal data protection, in particular General Data Protection Regulation (GDPR).
- Do we send your Data abroad?
We do not send your Data outside Greece. Your Personal Data are stored and processed only within Greece.
- When do we delete your Data?
We delete your Data regarding your consent to receiving newsletters as soon as you declare that you do not want to receive newsletters anymore, by clicking the button DELETE/ΔΙΑΓΡΑΦΗ from the Unsubscribe Newsletter page.
We delete the Data collected by Cookies, pursuant to the Cookies Policy.
- Are your Data secure?
We undertake to safeguard your Personal Data. We have put in place all the suitable organisational and technical measures, for the purpose of protecting your Data from all forms of accidental or unlawful processing.
We use an Electronic Security Certificate (SSL - Secure Socket Layer) in order to ensure the secure exchange of data between the website and your browser.
These measures are reviewed and modified when required.
The process of your Data, in any way, is permitted only to authorised by us persons, employers and collaborators, exclusively for the aforementioned purposes (see answer to question No. 5).
- What rights do you have?
You have the right of access to your Personal Data.
This means that you have the right to be informed by us, if we process your Data. If we process your Data you can ask to find out the purpose of processing, the type of Data we keep, who we provide them to, for how long we store them, if there is automated decision-making, as well as about the rest of your rights, such as the right of Data rectification and erasure, restriction of processing, and lodging a complaint before the Personal Data Protection Authority.
You have the right of rectification of inaccurate Personal Data.
If you find any errors in your Data, you can apply to us for their correction (e.g. name correction or change of address updating).
You have the right to erasure/“right to be forgotten”.
You can ask us to erase your Data, if they are no longer necessary for the above purposes of processing or if you wish to withdraw your consent in cases where it is the sole legal basis.
You have the right to the portability of your Data.
You can ask us to provide you with Data you have provided in a readable format or to transmit them to another controller.
You have the right of restriction of processing.
You can ask us to restrict the processing of your Data for as long as your objections to their processing are under review.
You have the right to object to the processing of your Data.
You can object to the processing of your Data or to withdraw your consent and we will stop processing it, in the absence of other imperative and legal grounds overriding your right.
- How can you exercise your rights?
In order to exercise your rights, you can either send us your Request to the postal address of REA Hospital (383 Syggrou Ave. & 17 Pentelis, P. Faliro, Postal Code 17564) or send us an e-mail at firstname.lastname@example.org with the subject “Exercise of the Right of Access/Correction/Deletion/Restriction/Enforcement” describing your Request, and we will consider your Request and try to respond to you as soon as possible.
- When do we reply to your Requests?
We reply to your Requests free of charge and without delay, and in any case within one (1) month from the time of receiving them. If, however, your Request is complex or if you have sent a large number of Requests, we will get back to you within a month to notify you in case we need a two (2) months extension in order to reply.
If your Requests are manifestly unfounded or exaggerated, in particular if they are repetitive, the Hospital may choose to charge you a reasonable fee in order to cover the administrative costs incurred in providing information or taking the action requested or refuse to take any further action with a Request.
- Who can you contact for information about the progress of your Requests?
For information about the progress of your Request you can call us at +30 210-9495100.
- Do we use automated decision-making/including profiling when processing your Data?
We do not make decisions nor do we make automatic profiling using automated procedures when processing your Data.
“Cookies” are used on our website www.reamaternity.gr, always following your information and consent.
- Which is the applicable law to the processing of your Data by us?
We process your Data in accordance with the General Data Protection Regulation 2016/679/EU, and, in general, the applicable national and European legislative and regulatory framework on personal data protection.
- Where can you complain if we violate applicable law on the protection of your Personal Data?
You have the right to lodge a complaint with the Personal Data Protection Authority (mailing address: 1-3 Kifissias Ave., Postal Code 115 23, Athens, tel.: +30 210 6475600, e-mail: email@example.com), if you believe the processing of your Personal Data to be in violation of the applicable national legal and regulatory framework on personal data protection.
- How can you find out about amendments to this Policy?
We update this Policy whenever necessary. In case of major changes in the Policy or in the way we use your Personal Data, we will inform you either by posting a notification in a prominent position before the changes come into force or by any appropriate means. We encourage you to refer regularly to this Policy to find out how your Data are protected.
If you would like to contact us for any matter on the processing of your Data and the exercise of your rights, please contact the Data Protection Officer (DPO) of REA Hospital at tel.: +30 210-9495100 or at the address: 383 Syggrou Ave. & 17 Pentelis or at the e-mail: firstname.lastname@example.org.