Patient rights

Personal Data Protection – Privacy notice regarding data confidentiality

We kindly invite you to carefully and completely read the privacy notice regarding data confidentiality!

The official website www.rident.hr is managed by the POLYCLINIC RIDENT, a limited liability company for medical treatments in the field of dental medicine and dental laboratory (hereinafter: Polyclinic RIDENT Ltd.), situated in Rijeka, Franje Čandeka 39, and the Poreč branch in: Istarska 1a, 52440 Poreč, registered at the Commercial Court in Rijeka under No. 040188653, Statistic number: 1766333, VAT No.: 57260863791.

By visiting our websites, the server of Polyclinic RIDENT Ltd. Records and collects only your IP address through which we have access to the location from where you logged in.

No other personal data will be recorded on our web server if you do not voluntarily enter it in any of our forms. Before collecting and processing any of your data, Polyclinic RIDENT Ltd. Is obliged to inform you about the category of data collected, the manner and purpose of collection and processing, and your rights regarding the data collection.

If you voluntarily submit your personal data, by filling in any form or by sending an online inquiry, we will not use, process or transmit it out of the limits that are permitted by the regulations governing data protection or which you have specified in your consent statement. Furthermore, your data will be transmitted or disclosed to third parties only if required by law.

Any changes regarding the Privacy Policy on this site will be published so you may be informed at any time which information is collected, stored and how and for what purpose we use it.

The Polyclinic RIDENT Ltd. Respects and protects the privacy of its patients, strictly preserves the confidentiality of their personal and medical records and has taken all appropriate organizational and technical measures to protect personal data and privacy of its employees, patients and business partners.

Protecting your privacy when processing your personal data is very important, therefore we process all personal information collected during your visit to our site or the Polyclinic itself in accordance with the data protection and privacy policy.

Access to the personal information databases is solely authorized by the Polyclinic RIDENT Ltd, as well as certain business partners based on contractual and legal obligations. Apart from that, all personal information we store is a professional dental secret in accordance with the Dental Medicine Act and the Code of Dental Ethics and Deontology, therefore Polyclinic RIDENT Ltd has ensured that your personal information is kept as a professional secret by all persons employed at the Polyclinic RIDENT Ltd.

Polyclinics employees, as well as our business partners, are educated in terms of data protection with the aim of protecting privacy as much as possible.

The Polyclinic RIDENT Ltd. Uses technical and organizational security precautions to protect all data stored in its databases from inadvertent or deliberate manipulation, loss or destruction and access to unauthorized persons, and will constantly comply with the regulations governing security and data protection.

All information security measures at Polyclinic RIDENT Ltd. Have been applied according to the ISO 27001 standard.

We respect your privacy and therefore:

  • We will never abuse your personal information in any way,
  • Your contact and personal information will never be given to any third party,
  • Your contact and personal information may be disclosed to the third party only with your written permission,
  • You can unsubscribe from the newsletter mailing list at any time.

1. Which data is collected by Polyclinic RIDENT Ltd.?

Polyclinic RIDENT Ltd. can collect the data regarding your location using your Internet Protocol Address (IP) since the websites listed above and managed by the Polyclinic RIDENT Ltd. are collecting your IP address and then analysing it through the Google Analytics platform solely for the purpose of enhancing our services ensuring thus the better quality of the dental care we provide, acting in accordance with our legitimate obligations and interests in providing and constantly improving the dental care.

In this case, it is possible that certain data will be stored through and by the Google Analytics platform. If you are interested to learn more about the Google Analytics follow the link:
https://policies.google.com/privacy?hl=hr

Our services are also available through contact forms on our web pages allowing you to contact the Polyclinic RIDENT Ltd. in order to ask questions or to arrange a visit. Consequently, we may ask you certain personal information only to enable our employees to respond as soon as possible to your request.

Due to the above mentioned, your personal information such as: e-mail address, first and last name, cell phone number, etc. are required in order to respond to your request or query, so it is mandatory to confirm the notice in order to certify that you are familiar with the privacy policy.

In addition, Polyclinic RIDENT Ltd. uses Facebook Messenger, Live Chat and WhatsApp as a communication tools for online communication. While using these tools our Polyclinic does not collect and hidden data, because they are used for quicker and better communication with you. However, if during the conversation you ask to book and appointment, we need to collect some personal data in order for the booking to be valid.

By accessing the Polyclinic RIDENT Ltd. website, you agree to the terms and conditions when browsing the sites, using the forms and chats available to you.

2. Why does Polyclinic RIDENT Ltd. collect and process your data?

Your information is collected by the Polyclinic RIDENT Ltd. for the purpose of:

  • better and faster delivery of dental services;
  • for advertising and sending of informative-promotional materials of the Polyclinic RIDENT Ltd.;
  • to improve our business and to develop the dental services we provide to you;
  • in order to communicate with you in a faster and easier way
  • for other purposes with your expressed consent.

Your personal data will not be kept longer than it is necessary for the purpose for which it was collected. This means that data will be destroyed or deleted from our systems when we no longer need it.

We will not disclose your personal data and we will take particular care of who and how we pass on your information to. For this purpose, the Polyclinic RIDENT Ltd. has taken all organizational and technical measures of data protection in line with the development of the technology.

Disclosing and sharing of your personal data is only possible with our trusted and secure business partners with whom we have entered into Personal Data Protection Agreements, exclusively for the purpose of providing services on our behalf. The above-mentioned business partners will be using your data only for purposes provided on our behalf.

In addition to this, the data may be disclosed to other recipients as competent bodies only if:

  • we were ordered by the law, the decision of the administrative or judicial body
  • to comply with the law or to respond to mandatory legal proceedings, and
  • to comply with the rules governing our services

The security and confidentiality of your personal data is our primary concern. For the transfer of your personal data to other recipients beyond the legitimate interests of Polyclinic RIDENT Ltd. which are not necessary for a high level of service, we will promptly notify you and request your consent.

We are warning you that due to the rapid development of technology, every Internet system user must be aware that no system is absolutely safe and how objectively it is not possible to anticipate in advance any risks that may arise using the Internet. In any case, the Polyclinic RIDENT Ltd. puts the security and confidentiality of your personal data in the first place, therefore we will be persistent in our efforts to make the personal data protection system as secure as possible.

3. Social media platforms / networks?

Social media is an online community that allows users to communicate interpersonally in a virtual space.

Our Services use social plug-ins (“Plugins”). When using the Services that contain the Add-ons, the data can be directly transferred from your device to the social network operator. The Polyclinic RIDENT Ltd. Cannot influence the data collected by the Plugin.

If you are signed in to a social network, your use of the Service may refer to your social network account. If you interact with the plugins, clicking “I like”, “Track” or “Share”, or enter a comment, the data can automatically appear on your social network profile. Even if you are not signed in to the social network, it’s possible that the apps will transfer your IP address to the social network operators. Keep this in mind when using our Services.

4. Information on Social Network Operators regarding the Plugins that are used in our Services

Every time a user is connected to a social media network and accessing our website www.rident.hr at the same time, the social network will receive information data.

If you are a member of one or more of the social media networks and you don’t want the Plugin Operator to connect the data concerning your use of our Services with your member data already stored by the Plugin Operator, please log out of the social network before using our Services.

Facebook

Facebook is owned by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, SAD. If the user is located outside the US of A, the designated data controller is Facebook Ireland Limited, Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

For further information you may visit Facebook’s privacy policy website at
https://www.facebook.com/about/privacy/

Instagram

Instagram service owner is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Instagram collects data through an Instagram Plugin during the time you are connected to a website regardless of the fact if the user has clicked on the IG button.

Additional information and Instagram Privacy Policy information my be found: https://help.instagram.com/155833707900388 i https://www.instagram.com/about/legal/privacy/.

YouTube

The owner of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, SADThe YouTube, LLCis a branch of the company Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

YouTube Privacy Policy information:

https://www.google.com/intl/en/policies/privacy/ give you information on data privacy and collection by YouTube and Google.

Google+

The social media network Google+ allows users to open private profiles by uploading photos and connecting through friendships requests.

The owner of the social network is Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For further information you may visit Google’s privacy policy website at https://www.google.com/intl/en/policies/privacy/.

Live Chat

One of the plugins on the Polyclinic Rident site is Screets Live Chat. An application support for direct communication in real time (the so-called live chat) with users of our web site www.rident.hr that chose that kind of communication channel.

Screets Live Chat manages information such as:

  • on-line chat: IP address
  • off-line chat: IP address, first and last name, e-mail address in a form of a message (ticket).

By using Screets Live Chata Policlinic RIDENT Ltd. does not manage any data storage, but uses them for ease of communication with users. However, if while using chat our employees need your personal data for booking purposes the given data will only be used as such.

Live Chat 2.8.6. has been developed by the company Screets in BIH – Sarajevo, Bosmal City Center, Hub 387. More information on Live Chat 2.8.6. may be found: https://screets.com/.

WhatsApp

WhatsApp is a mobile application for the exchange of messages, photos, and videos on mobile phones. WhatsApp is owned by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, SAD. WhatsApp does not store messages on its servers once delivered, it uses end-to-end encryption.

Your rights regarding the collection and processing of the data

At all times you have the following rights:

The right of access by the data subject

The data subject shall have the right to obtain from the Polyclinic RIDENT Ltd. confirmation as to whether or not personal data concerning him or her are being processed, purposes of the processing, the categories of personal data concerned, the recipients, period of storage and the right to request rectification, erasure, restriction of data processing or objection to data processing.

Right to rectification

The data subject shall have the right to obtain the rectification of inaccurate personal data concerning him or her. The data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure

The data subject shall have the right to obtain from the Polyclinic RIDENT Ltd. the erasure of personal data concerning him or her under certain conditions, unless their storage is not prescribed by law.

Right to the restriction of processing

The data subject shall have the right to obtain from the Polyclinic RIDENT Ltd. the restriction of processing concerning him or her under certain conditions.

Right to object

The data subject shall always have the right to object to the processing of personal data concerning him or her.

Right to data portability

The data subject shall have the right to have the personal data transmitted to another data protection officer; where technically feasible, this will be performed automatically.

Right to lodge a complaint with a supervising authority.

*All the above-named rights you may realize by writing to the address of Poliklinike RIDENT d.o.o. or via the personal data protection officer whose contact details are found on the information sheet and published on our web site.

Contact information of the Personal Data Protection Officer of the Polyclinic RIDENT Ltd.:

Adress and place of work: Franje Čandeka 39, 51 000 Rijeka
E-mail adress: info@rident.hr
Tel. number: +385 (0)51 648 900
Fax number: +385 (0)51 648 928

Notification about collection and processing of personal data collected by video surveillance

The data we are obliged to provide in accordance with the regulations governing the protection of personal data

Identity and contact details of the controller:

Polyclinic RIDENT, a limited company for medical treatments in the field of dental medicine and dental laboratory, Franje Čandeka 39, 51000 Rijeka, Poreč branch office of the polyclinic, Istarska 1a, 52440 Poreč, OIB: 57260863791 (hereinafter: Polyclinic RIDENT Ltd.).

Processor:

SECURITAS HRVATSKA Ltd., Zagrebačka cesta 145a, 10000 Zagreb, OIB: 33679708526.

Categories of personal data collected and processed by the Polyclinic RIDENT Ltd.:

Polyclinic RIDENT Ltd. has a video surveillance system hence it collects and processes personal data by using a video surveillance system which records data concerning features and movements of persons meaning it creates a video recording which is or is intended to be part of the storage system.

Contact details of the Data Protection Officer of the Polyclinic RIDENT Ltd.:

Name and surname: Danijela Stojanović, mag.iur., Address and place of work: Franje Čandeka 39, 51 000 Rijeka

 

E-mail address: danijela.stojanovic@rident.hr, Phone: +385 (0) 51 648 900, Fax: +385 (0) 51 648 928.

Purpose of the processing for which the personal data are intended:

Polyclinic RIDENT Ltd. uses a video surveillance system to prevent incidents concerning security and protection of employees, patients, other visitors and assets of the Polyclinic RIDENT Ltd., i.e. to prevent illegal actions towards mentioned persons and assets of the Polyclinic RIDENT Ltd.

The extent of collection and further processing of personal data by using a video surveillance system is limited to the fulfilment of purpose which is necessary and justified for the protection and security of the employees, patients, visitors as well as the assets of the Polyclinic.

Personal Data Processing Method:

The personal data collected through video surveillance is stored on electronic media with the application of all prescribed and appropriate legal, organisational and technical measures thus providing the appropriate security and privacy, including protection from unauthorised and illegal processing and accidental loss, deletion or damage.

The video recorder and the data base content can be accessed only by authorised personnel of the Polyclinic RIDENT Ltd. and persons authorised by them, through a user name and password, and also by the person authorised by the Processor, with the intent to secure privacy of the data and to prevent further unauthorized access and processing.

The video surveillance system has enabled an automated record that documents video surveillance data access (system logs). Such tracking includes the time and the place of access and also the marking of the persons accessing the data.

The legal basis for processing personal data collected through video surveillance:

Polyclinic RIDENT Ltd. collects and processes your personal information according to the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the Law on the implementation of the general data protection regulation.

The period for which the personal data collected by video surveillance will be stored:

Data collected by video surveillance (video recordings) is stored for a period of 15 days and is by expiry appropriately deleted or permanently destroyed. In case of justified need, data collected by video surveillance can be stored longer than the specified period by fulfilling certain conditions prescribed by the Law on the implementation of the general data protection regulation.

Patient rights protection notice

For your safety and satisfaction, and to build the mutual trust, understanding and partnership between you as a patient and our medical staff, we would like to remind you of your basic patient rights regulated by the Patient Rights Law (NN 169/04 and 37/08).

RIGHT TO CO-DECISION

The right to co-decision includes the right to be informed and the right to accept or refuse a diagnostic or therapeutic procedure.

Exceptionally, these rights may be limited in cases justified by a health condition specified by the Patient Rights Law.

 

Right to be informed

 

You have a right to be fully informed in the way you understand best about:

  • Your health condition and the medical assessment of the results and outcomes of the diagnostic or therapeutic procedure,
  • The proposed examination and procedures, as well as the benefits and risks of doing or not in the proposed time frame,
  • The treatment outcomes,
  • Your right to decide on the proposed examinations or procedures,
  • The possible alternative procedures,
  • The course of therapy in the process of health care,
  • The proposed lifestyle changes,
  • The health insurance rights and the way to exercise these rights.

The notice will be given to you upon your verbal or written request by the doctor involved in your immediate medical care. You have a right to a second professional opinion in regard to your health status. This opinion should be given to you upon your verbal or written request by the specialist of the appropriate specialization.

Your right is to be informed of the names and qualifications of the medical personnel involved, as well as in regard to the outcome of the success or failure of the procedure.

 

You have a right to refuse the receipt of the information regarding your health status, proposed therapy and the expected outcomes. This refusal needs to be in writing.

If you are a person without disabilities, you may not waiver the right to be informed in cases when you have to be aware of the illness in order not to put others in danger. However, you may delegate this right to another person in a written statement.

The right to be informed about a patient with impaired judgment, in accordance with age, physical or mental impairment, has his legal representative or guardian.

 

The right to accept or refuse a diagnostic or therapeutic procedure

 

You have a right to accept or refuse a proposed diagnostic or therapeutic procedure, except in cases of urgent medical care when your life or health are immediately threatened or the state could cause physical or mental impairment to the person or others due to the fact that a procedure was not performed in time. You confirm the acceptance of a diagnostic or therapeutic procedure by signing the Acceptance of the recommended therapeutic procedure.

A blind person, a deaf person who cannot read, a mute person who cannot write and a deaf-blind person, need to confirm the acceptance of the diagnostic or therapeutic procedure in form of a notarial dead or by a statement which identifies a person who will in their name accept or refuse the procedure. Such a statement needs to be signed in front of two witnesses.

THE RIGHT TO CONFIDENTIALLITY

You have a right to data confidentiality regarding your health status, thus you have a right to indicate in a written statement a person that may be informed of your health status, as well as persons that are grounded from such information.

THE RIGHT TO PRIVACY

During examination or therapy, and especially when given personal care, you have a right to conditions that secure privacy.

THE RIGHT TO MEDICAL DOCUMENTATION

Your have a right to access the full medical documentation in regard to the diagnostics and therapy of your medical state, as well as request the copy of the documentation at your own expense.

In case of patient’s death, unless specifically forbidden by the patient during lifetime, the right to access or request copies of medical records is passed onto the spouse or lifetime partner, an adult child, parent, an adult sibling or legal representative / guardian. The refusal to access the medical documentation may be give by the patient in a written statement solemnized by the notary public.

THE PATIENT’S RIGHT TO PROTECTION WHILE PARTICIPATING IN A SCIENTIFIC STUDY

If participating in a scientific study, the patient has a right to receive a precise and understandable written information regarding the nature, importance, consequences and possible risks of the study. The patient has the right to give a consent in a form of a statement to participate in the study or medical training.

The signing of the consent for a patient with impaired judgment, in accordance with age, physical or mental impairment, has his legal representative or guardian, who can also withdraw the consent at any time.

THE RIGHT TO A COMPENSATION

Your right to a compensation in based on general rules of mandatory law. In case you find that during your medical treatment you have suffered a damage, you have a right to seek compensation by filing a lawsuit with the competent court (tribunal). Please be so kind to contact our Board with your request in order to resolve the dispute amicably before suing.