PRIVACY POLICY

This Privacy Policy based on the General Data Protection Regulation (GDPR) explains what personal data is collected in connection with our activities, how we process, use and protect this data, for what purposes we use it, as well as your rights related to your personal data.

THE FUNDAMENTAL PRINCIPLE OF OUR BUSINESS IS PRIVACY AND PROTECTION OF PERSONAL DATA

Privacy of individuals and protection of personal data are fundamental human rights. It is our duty to take care of the personal data that we collect, process and store. Your personal data is our responsibility and we collect and process it only when it is necessary while ensuring security measures to protect it.

Polyclinic RIDENT, a member of the Adria Dental Group – the largest group of dental medicine in the Adria region, adheres to the following principles with the aim of protecting the privacy and personal data of its patients and all persons whose personal data we process:

• We do not collect more personal data than is absolutely necessary

• We do not use personal data for purposes about which you are not informed in time

• We do not store personal data if it is no longer necessary

• We never sell, lend or distribute personal information

• We do not send personal data to third parties without your knowledge and if it is not legal

• We do not use any automated processing for decision making or profiling

• We do not transfer personal data outside the EU/EEA

• We continuously ensure that personal data is securely stored and protected.

It is important to read this Privacy Policy and we hope you will take the time and your attention. We tried to make it as clear as possible and understandable to everyone, with the desire to maintain your full trust in the way we handle your personal data.

If, after reading it, you will have further questions about the protection of personal data at the Polyclinic RIDENT, please feel free to contact our Data Protection Officer at any time:

Igor Barlek, CIPP/E, Adria Dental Group Data Protection Officer

• by email to the address bi@biconsult.hr or

• by mail to Poliklinika RIDENT d.o.o., Franje Čandeka 39, 51000 Rijeka or

• by mail to Adria Dental Group, Ul. Josipa Marohnića 3, 10000 Zagreb.

We regularly improve our Privacy Policy in order to improve the protection of your data.

This Privacy Policy was updated on April 24, 2023.

1. WHO WE ARE

Poliklinika RIDENT d.o.o., Franje Čandeka 39, 51000 Rijeka, is the controller of your personal data and determines the purposes and methods of processing your personal data and takes care of ensuring all security measures for your personal data, and in relation to patients’ personal data also acts as a joint controller with related companies – dental laboratories within Adria Dental Group, our group ADRIA DENTAL GROUP d.o.o., Ul. Josipa Marohnića 3, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb.

2. WHAT DATA DO WE PROCESS, HOW AND FOR HOW LONG

When registering potential patients for a free specialist examination

For these purposes, we need your basic personal data (name and surname) and contact data (email and telephone) for effective communication and to achieve the best possible understanding of your wishes and needs and to agree on the date of the first examination. At the same time, the delivery of a dental scan or orthopan from your side is certainly welcome, but only if you have them and want to share them with us in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR with the highest level of security of such processing personal data. If you opt out of the free specialist examination, we will permanently delete all your personal data.

When providing dental services to our patients

From the first examination and during the provision of dental medicine services, we are obliged to collect all data about your dental health, keeping a patient record, as well as a necessary set of personal health data (presence of chronic diseases and possible allergies, infections, specifics related to receiving anesthesia, etc.), necessary for the provision of dental services and the protection of your health when carrying out certain specialist treatments and surgical procedures,in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR with the highest level of security for the processing of such personal data.

During the implementation of the agreed treatments and multiple interventions for the purpose of monitoring the effectiveness of individual phases of the intervention, we also collect photos of the patients’ dental images, which are saved exclusively in the patient’s file.

In your patient record, we keep all data relevant to ensuring the highest quality of your dental health, which we are obliged to keep for ten years after the end of treatment in accordance with the legal regulations in the field of dental medicine, with full respect for the patients’ right to confidentiality of data related to the state of health in accordance with the regulations on the preservation of professional secrets, while older data is archived.

In your best interest and for the purpose of ensuring the highest quality of dental services, we will refer you to another polyclinic within the Adria Dental Group or use the services of dental laboratories – members of the Adria Dental Group, and in accordance with the legal regulations in the field of dental medicine and the preservation of professional dental confidentiality, we will forward your health documentation as well.

All members of our team are obliged to keep as a professional secret everything they know about your state of health and access to all your personal data is strictly limited, and in accordance with the Health Care Act we are obliged to give access to your personal data at the request of the competent ministry, other state administration bodies in accordance with the special regulations of the Croatian Chamber of Dental Medicine and competent judicial bodies.

We retain the necessary set of basic personal data (name, surname, ID number, address, service performed) for the purposes of issuing invoices for services in accordance with accounting and tax regulations.

Video surveillance

Exclusively for the purpose of protecting the safety of our patients and employees and all persons who are included in the legal perimeters of the recording, and for the purpose of protecting property and preventing illegal actions directed towards the polyclinic’s property from theft, robbery, burglary, violence, destruction, etc., in accordance with our justified and documented legitimate interest, we monitor exclusively the acceptable space around and inside the business premises of the polyclinic, whose recording perimeters are clearly marked with easily visible notices. As a rule, we store video surveillance recordings for up to a month, depending on the amount of recorded records on the storage medium, and a maximum of 6 months.

Selection of candidates for jobs and employment

During candidate selection and employment procedures, we collect basic data about candidates with the intention of entering into an employment contract, name and surname, residential address, email address, phone number, education and work experience, and other data that you submit to us via your resume, as a set of your personal data important for carrying out the selection and employment procedure. After the end of the selection process, we hire the selected candidates and collect all necessary data in accordance with legal obligations, while applications and personal data of unsuccessful candidates are returned upon request or permanently destroyed, and based on your consent we retain them for possible future employment opportunities.

We share candidates‘ personal data with our group ADRIA DENTAL GROUP d.o.o., Ul. Josipa Marohnića 3, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb, as related companies based on a valid legitimate interest, in accordance with the provisions of the GDPR.

The consumer’s right to object

Each of our patients is guaranteed the right to file a complaint or complaint about the services provided, whereby we collect the necessary set of personal data of the complainant and keep it for a period of up to 12 months, in accordance with regulations in the field of consumer rights protection.

Use of your personal data for the purpose of sending the newsletter

We send notifications through the newsletter about news from our polyclinic, about our services and special offers based on your consent or a valid legitimate interest in using your email address for this purpose, and we use it until the moment of withdrawal of consent or your objection and expressed desire to stop receiving further notifications.

Collection of your personal data on our website

Although you can use our website without providing personal information, when you contact us via our contact form for the purposes of ordering a free specialist examination or treatment or for the purposes of possible employment, establishing a business relationship or enquiry, we collect your first and last name and email address, and the information about your phone number is extremely useful so that we can determine your wishes and needs in the field of dental health as accurately as possible with our return phone call. As long as we have open communication in the sense of establishing cooperation and agreeing the first review, we will collect your personal data and delete them after the termination of further communication, after the expiration of all legal obligations or the termination of the existence of legal grounds from the GDPR related to the processing of your personal data.

Our website is not intended for providing services to minors under the age of 16, and for this purpose, it is necessary to attach the consent of parents or holders of parental responsibility before providing personal information through our contact form.

Our website also contains links to other websites and social networks (eg Facebook, Instagram, YouTube, LinkedIn) and this Privacy Policy does not apply to them. We recommend that you read the privacy protection terms of each website and social network you visit, especially where you leave information.

3. WHO HAS ACCESS TO YOUR DATA

We cooperate with exclusively reliable business partners who help us provide and improve our services and make our direct communication with you more effective. We provide access to your personal data to authorized external processors for the purpose of processing personal data on our behalf and on the basis of our express instructions based on data protection agreements in accordance with Article 28 of the GDPR. These partners are obliged to strictly comply with the obligation of confidentiality in accordance with this Privacy Policy, with the contracts we have concluded with them and in accordance with the obligations from the GDPR.

Our chosen external data processors are business partners who provide services for us to achieve contact with patients, personnel selection, IT services and maintenance services for business applications and systems, video surveillance and web and email hosting, without which we would not be able to ensure the fulfillment of the highest quality of our services.

For the purpose of ensuring the accommodation of our patients during your arrival for the first examination and treatment at our polyclinic and organized transport to the polyclinic and accommodation locations, we share your necessary personal data with reliable business partners who provide us with transport and accommodation services.

4. YOUR RIGHTS

You are free to contact us at any time in order to exercise your rights in the field of protection of your personal data. Your rights are as follows:

The right to access personal data

You have the right to access your personal data and to be informed about which data and how we process it, for what purpose and for what period. We provide you with the opportunity to receive a copy of your personal data.

The right to correct personal data

You have the right to correct or complete inaccurate or incomplete personal data collected by us.

The right to delete personal data  

You have the right to request us to delete your personal data when the data is no longer necessary to fulfill the purpose for which it was collected, when you submit a justified complaint or your personal data is processed illegally.

The right to object

You have the right to object to certain handling of your personal data. For example, you can request that we stop processing your personal data for direct marketing purposes via the newsletter.

The right to restriction of processing

You can ask us to restrict data processing, for example, when deletion, correction or objection regarding your personal data is pending and/or when we do not have a valid basis for processing your data and you want us to keep it. When processing is restricted, your data will be stored and will not be processed further. For example, if you dispute the accuracy of your data, the processing of such data will be restricted until it is ensured that the data is correct.

Right to data transfer

When the processing is carried out by automated means of processing based on a contract or consent, you have the right to receive the personal data that you have provided to us in a structured and commonly used machine-readable format and to transfer such data to third parties at your own discretion.

Right to withdraw consent

If you have previously given your free express consent for the public publication of intraoral and facial photographs or audio/video recordings on our websites or social networks, you have full right to withdraw your consent at any time and we will delete our postings of your photographs or audio/video. recordings.

If you want to exercise any of the aforementioned rights, feel free to submit a request:

  • via email to info@rident.hr or
  • by mail to the address Poliklinika RIDENT d.o.o., Franje Čandeka 39, 51000 Rijeka.

We will respond to your request as soon as possible, and no later than one month after receiving your request. In the event of the impossibility of securely confirming your identity, we will be free to request an additional verification of the requestor’s identity.

If you believe that our handling of your personal data is not legal, you can file a complaint directly with the competent supervisory body at any time – Croatian Personal Data Protection Agency (AZOP), Selska cesta 136, 10 000 Zagreb, phone: +385 1 4609 000, email: azop@ azop.hr.

IMPROVING THIS PRIVACY POLICY

We retain the right to adjust and improve the text of this Privacy Policy from time to time, primarily in order to comply with legal changes, especially in a case of changes in the purposes and methods of processing. However, we will not limit or diminish your rights arising from this Privacy Policy or from the corresponding legal regulations. In the event that there are changes that may affect your rights, we will notify you in a timely and an appropriate manner.