We hereby inform you about the processing of your personal data by MEDIMALL I.A.E. (hereafter “Company”), for the services we provide.

Particularly:

a) The provision of medical services for the purpose of medical opinion and/or the completion of a medical act performed on the premises of the company

b) Sending results of the medical act you have made, in the form of email and to the address you will personally provide us.

c) Sending results to doctors in the form of an email to the address that you will personally provide us as well as by telephone that you will indicate to us.

d) Providing email and/or SMS updates about the medical act that you have performed new services of the company or updates on interesting matters for you.

e) Sending reminders by e-mail and/or SMS about the repetition of medical acts after a period defined by medical science and practices of preventive medicine.

f) The reception and possible sending of biological samples to collaborating medical centers for further analysis according to the services requested when they cannot be completed by the company.

g) Sending of personal data to partners (notaries, translators, etc.), necessary to complete the service you wish to receive.

h) Sending statistics – without personal data – to the National Medical Assisted Reproduction Authority upon request.

i) The management of accounting data, depending on the legal requirements (tax authorities, etc.).

TRANSFER OF PERSONAL DATA

The company may forward your data according to the above. It will not transmit your personal data in any other case except:

  • To you
  • To the cases mentioned above
  • If requested by you
  • organizations such as tax authorities, insurers, insurance companies, processors for whom we operate as processors.

CATEGORIES OF PERSONAL DATA COLLECTED

The categories of personal data we collect include:

  • Demographic data are given to us during your visit to the company
  • Insurance details, if applicable
  • Your previous examinations that either we need them as history and are necessary for the execution of the medical act or will be used by the doctor who will complete the diagnosis of the medical act you will perform
  • Legal documents (notarial acts, identity papers, passports, residence permit for foreigners, etc.) for a medical procedure (assisted reproduction, donation of genetic material, surrogate motherhood, etc.) that you want to perform in the company
  • Contracts to be signed for services we offer you (100% refund).

 

Please note that the company will process the personal data with this statement for the purposes stated therein and not for any other purposes.

DURATION OF PROCESSING

The protection of your personal data is extremely important for the company. We take all appropriate organizational and technical measures to ensure that the data we collect under this statement is processed in accordance with the requirements of the legislation on the protection and retention of your personal data. Please be advised that under the Medical Code of Conduct, the record-keeping requirement is set to be at least 10 years. The company may retain the data for longer periods. If you wish your data to be retained for as long as it is permitted by applicable law or code of conduct, please contact us so that after the end of the decade, to be deleted in a way that does not allow it to be retrieved. If processing is performed on a contractual basis, your personal data will be stored for as long as necessary for the contract execution and for the establishment, exercise, and/or support of legal claims under the contract.

SECURITY OF PROCESSING

One of the measures we take for the protection of your personal data is to apply pseudonymization methods wherever possible, particularly when sent for further processing and completion of the requested services, to other medical centers with which the company cooperates and has a relevant contract with them. Pseudonymization means the processing of personal data in such a way that it is no longer possible to identify a particular individual without the use of supplementary information provided that such additional information is kept separate and subject to technical and organizational measures to ensure that they can not be attributed to an identifiable natural person. In addition to modern technical security measures, the Company also has additional Security Policies and Procedures for the protection of your personal data.

EXERCISE YOUR RIGHTS

For any questions you may have or for the exercise of the rights under applicable privacy laws, please contact us:

By phone with the secretariat at + 30 210 77 11 600 or via the contact form at https://donorbank.medimall.gr/  or by letter at 2, 4, Mesogeion Ave., 115 27 ATHENS

We inform you that you can revoke your consent at any time (with no retroactive effect) in the ways listed above. From 25 May 2018, the new General Data Protection Regulation (European Parliament and Council Regulation (EC) No 2016/679) is in force. Additionally, under the new Regulation you can exercise your following rights under the provisions of the Regulation:

  • Access and correction of your personal data in the case of inaccurate data that concern you
  • Deletion of your personal data if it is no longer necessary for the provision of service but does not conflict with the legal framework and the medical code of conduct
  • Restrict the processing of your data
  • Object to the processing of your personal data
  • Claim any legitimate interest
  • The portability of your data to another controller. It is your right to receive your data in an appropriate format so that it is technically transferable to another controller.