KAUNAS IMPLANTOLOGY CENTER UAB
1. GENERAL TERMS AND CONDITIONS
1.5.1. data controller is Kaunas Implantology Center UAB;
1.5.2. data processor is a legal or natural person that a data controller concludes the cooperation agreement with regarding personal data processing;
1.5.4. data processing means any act performed on personal data: collecting, recording, accumulating, storing, classifying, grouping, merging, modifying (adding or editing), providing, publishing, using, logic and / or arithmetic operations, search, dissemination, destruction or other action or set of actions;
1.5.5. data subject is a Patient or other visitor of the Website, the personal data of whom is managed by the data controller;
1.7.1 The General Data Protection Regulation;
1.7.2 The Law on the Legal Protection of Personal Data of the Republic of Lithuania;
1.7.3 General requirements for organizational and technical data security measures approved by Director of the State Data Protection Inspectorate on November 12, 2008 by order No. T71 (Official Gazette, 2008, No. 1355298);
1.7.4 Other legislation regulating the protection of personal data and the right to collect personal data.
188.8.131.52 Cookies are files containing small amounts of information, which a computer or another device download when a person visit a website.
184.108.40.206 A person can delete or block cookies by choosing the appropriate settings in their browser to allow all or part of the cookie to be discarded. Please note that using browser settings that block cookies (including required cookies), a person may encounter problems using all or a part of the website’s features.
220.127.116.11 The website uses the Google Analytics tool, which collects information about your IP address, visit time, duration, viewed internal pages of the Website, and actions taken on them (such as button clicks or form validations). The cookie generated information about your actions on the Website is transferred and stored on Google servers located in the USA. This information is used to report usage statistics for a Website without personally identifying individual visitors.
18.104.22.168 The Website uses plugins of a social networking site facebook.com. This network is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook). Our Website has no influence on the volume of data collected by this Facebook plugin. For more information about the data collected and used by Facebook, related rights and privacy protections, see Facebook privacy notices.
22.214.171.124 Cookies, the term they are valid for and their purpose of use.
|Cookies||Valid for||Purpose||Is the Cookie compulsory?|
|gdpr||1 year||This cookie stores the visitor interaction information with the elements
falling within the scope of the BDAR (GDPR)
|catAccCookies||30 days||This cookie is used by WordPress plugin, which remembers the fact that
|_icl_current_language||1 year||This cookie is used to save a user’s selected language||Yes|
|_ga, _gid||1 year||These cookies are used to collect statistical information about the traffic
on the Website within the system of Google Analytics
126.96.36.199 Cookies can be changed and updated.
2. THE MAIN PRINCIPLES AND OBJECTIVES FOR PERSONAL DATA PROCESSING
2.1. Upon performing the functions and processing personal data at the Clinic, the following principles for the processing of personal data are observed:
2.1.1. personal data is collected for specified and legitimate purposes and processed in a manner consistent with those purposes;
2.1.2. the collection and processing of personal data is subject to the principles of expediency and proportionality; there is no requirement for data subjects to provide data that is not necessary; surplus data is not accumulated and unmanaged;
2.1.3. personal data is processed accurately, honestly and lawfully;
2.1.4. personal data must be accurate and constantly updated if necessary for the purpose of personal data processing. Inaccurate or incomplete data is corrected, supplemented, destroyed or its processing stopped;
2.1.5. personal data shall be stored in such a way that the identity of the data subjects can be determined for no longer than is necessary for the purposes for which the data was collected and processed.
2.2. Personal data in the Clinic are collected only in accordance with the procedure laid down in the legal acts, receiving them directly from the data subject, formally requesting on the basis of information processing and having the right to provide it entities and contracts.
2.3. Personal data is stored for no longer than what the data management purposes require. Where personal data is no longer required for the purpose of their processing, they shall be destroyed, except those to be transferred to the Clinic’s archives in the cases specified by law.
2.4. The Clinic ensures that all relevant information is provided to the data subject in a clear and comprehensible manner.
2.5. In the cases and according to the procedure established by law, the Clinic may provide personal data processed by it to the third parties.
2.6. The protection of personal data against accidental or unlawful destruction, alteration, disclosure, as well as any other unlawful handling is ensured through the implementation of appropriate organizational and technical measures. The premises where the collected data is stored is physically protected from access by unauthorized persons.
2.7. Personal data shall be protected from unauthorized access through computer networks.
2.8. Compliance with the principles of personal data processing is ensured by the Director of the Clinic by taking appropriate organizational measures (orders, instructions, recommendations).
2.9. The purposes of personal data processing are as follows:
2.9.1. internal administration (consultation or registration for consultation / treatment, etc.), provision of high-quality health services.
2.9.2. Comments and tutorials for the promotional purposes.
2.10. With the aim of achieving the purpose of the data processing laid down in Clause 2.9.1., the following personal data are processed:
2.10.1. Non-sensitive personal data:
188.8.131.52. First name, last name;
184.108.40.206. Date of birth;
220.127.116.11. Email address, telephone number and/or other contact information.
2.11. With the aim of achieving the purpose of the data processing laid down in Clause 2.9.2., the following personal data are processed:
2.11.1. Non-sensitive personal data:
18.104.22.168. First name, last name;
2.13. Services provided by the Website can be used by:
2.13.1. any competent natural person over 18 years old;
2.13.2. legal persons;
2.13.3. authorized representatives of all the above persons.
2.14. Personal data shall be stored and processed as follows:
2.14.1. After registration to procedures and after providing procedures, according to the terms specified in the Personal Data Processing Rules, which are presented to the Patient during the first visit to the Clinic.
2.14.2. For the purpose of administering electronic queries, they are kept for 2 months, the comments and the information provided with them, for marketing purposes and administration of comments, are kept indefinitely.
2.15. Upon the above deadlines, your Personal Data will be destroyed automatically.
2.16. The Clinic reserves the right to store data for an unlimited period if it has been used in the course of an unlawful act or identity theft or any other violation that has been or will be investigated by the relevant law enforcement authorities if the Clinic has received any complaints related to the person or in case of other legitimate purposes to store personal data.
2.17. The Clinic collects, uses or transmits Personal Data only on the basis of consent or to the extent necessary on the basis of special individual cases (e.g. answering queries, coordinating and approving the time of the appointment, etc.) in order to ensure the quality of service provision.
3. RIGHTS OF THE DATA SUBJECT
3.1. The data subject has the right, in an easy manner and at reasonable intervals, to get acquainted with his personal data in the Clinic and to obtain information on which sources and what his personal data are collected, for which purpose they are processed and for whom they are provided. This includes the right of the data subject to access his or her health data, for example, to receive medical record statements containing information such as diagnosis, results of tests, conclusions from medical doctors and prescribed treatment or intervention. The clinic, upon receiving the written request from the data subject, within 15 working days from the date of receiving the request from the data subject, shall submit the requested data in writing or indicate the reason for refusing to satisfy such a request.
3.2. If the data subject, having become aware of his or her personal data, finds that they are incorrect, incomplete or inaccurate, he/she shall contact the Clinic (in writing, orally or in another form that allows to clearly identify the identity of the applicant). Clinic staff are required to verify and immediately correct any incorrect, incomplete or inaccurate personal data.
3.3. Adjustment and correction, updating and deletion of personal data to the extent permitted by legislation of the Republic of Lithuania and the EU and technical possibilities are performed with the consent or request of the data subject.
4. PROVISIONS ON PERSONAL DATA SECURITY
4.1. The clinic implements appropriate organizational and technical measures to protect personal data from accidental or unlawful destruction, alteration, disclosure, and any other unlawful handling.
4.3. The Clinic’s staff must observe the confidentiality principle and keep confidential any information related to personal data they have acquired in the course of their duties, unless such information is made public in accordance with applicable laws and regulations.
4.4. Staff performing personal data processing functions shall, in order to prevent accidental or unlawful destruction, alteration, disclosure and any other unauthorized handling of personal data, keep documents and data files in an appropriate and safe manner and avoid unnecessary duplication. Copies of the Clinic’s documents containing personal data must be destroyed in such a way that they cannot be reproduced and their contents cannot be recognized.