Dear patients,
We would like to inform you that the company my DENT cz, s.r.o., ID No.: 241 80 335, with its registered office at Bělohorská 257/45, 169 00 Prague 6, works with personal data responsibly and in accordance with the requirements of Act No. 101/2000 Coll. on the protection of personal data and Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of personal data.
In this context, we would like to inform you that we use your personal data only for therapeutic and diagnostic purposes and activities necessary for the operation of the dental practice.
All data is stored on secure media, protected by passwords and can only be accessed by predefined persons. Information in paper form is protected by a lock.
We process the following personal data: name, surname, address, telephone number, email, health insurance information, health information.
We use personal information only for the purposes of your treatment and the operation of the dental practice. Only the doctor, dental hygienist or medical staff employed by my DENT cz, s.r.o., accountants, dental software operator and our cooperating laboratories may come into contact with personal data.
INFORMATION FOR PATIENTS ON THE PROCESSING OF PERSONAL DATA
Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- Personal data controller
my DENT cz, s.r.o.
IČO: 241 80 335
Bělohorská 257/45, 169 00 Prague 6
office@mydent.cz
The administrator is a provider of health services in accordance with Act No 372/2011 Coll., on health services and conditions of their provision, as amended. - Purpose(s) of the processing of personal data
We process your personal data for the purpose of
- providing health services
- billing for health services
- communicating health data to you and other authorised persons
- organising the provision of health services (ordering patients)
- keeping records of our income and expenditure, payments received and management as required by tax and accounting regulations
- providing health services
- Legal basis for the processing of personal data
The legal basis for the processing of your personal data referred to in point II. is
- the fulfilment of our legal obligation (in particular Act No. 372/2011 Coll., on health services and conditions of their provision, Act No. 48/1997 Coll, Act No. 563/1991 Coll., on Accounting, Act No. 586/1992 Coll., on Income Taxes, Act No. 634/1992, on Consumer Protection)
- to fulfil the obligations under the health care contract under which we provide you with health services (this contract does not have to be in writing)
- the fulfilment of our legal obligation (in particular Act No. 372/2011 Coll., on health services and conditions of their provision, Act No. 48/1997 Coll, Act No. 563/1991 Coll., on Accounting, Act No. 586/1992 Coll., on Income Taxes, Act No. 634/1992, on Consumer Protection)
- Recipients of personal data
The recipients of your personal data may be, in accordance with the provisions of the legislation, in specific cases, in addition to you: the provider of health services, public authorities and persons authorised to inspect medical records pursuant to Section 31, Section 32, Section 33 and Section 65 of Act No 372/2011 Coll., on health services and conditions of their provision. In addition to the controller, personal data may also be processed by processors for the purposes described above on the basis of personal data processing contracts concluded in accordance with the General Data Protection Regulation.
We do not transfer your personal data abroad.
- Period od processing of personal data
Personal data contained in medical records are processed for the period of time specified by Decree No. 98/2012 Coll., on medical records. Personal data processed for the other purposes listed in point III are processed for the period specified by law or for as long as you are our patient and then for one year after you cease to be our patient.
- Rights of the data subject
When processing personal data, you have the following rights regarding the protection of your personal data:
- the right to request access to your personal data from us;
- the right to rectification of your personal data that we process;
- the right to restriction of processing. Restriction of processing means that we must mark your personal data for which processing has been restricted and we must not continue to process it for the duration of the restriction, except to store it.
You have the right to restriction of processing if
- you contest the accuracy of the personal data and for the period necessary for us to verify the accuracy of the personal data;
- the processing is unlawful and you object to the erasure of the personal data and request instead that we restrict its use;
- if we no longer need your personal data for the purposes of the processing but you require it for the establishment, exercise or defence of legal claims;
- if you have raised an objection to the processing set out in section VII below, until it is verified that our legitimate grounds for processing outweigh your interests or rights and freedoms
- you contest the accuracy of the personal data and for the period necessary for us to verify the accuracy of the personal data;
right to erasure of personal data. The right to erasure of personal data applies only to personal data that we process for purposes other than the provision of health services. We may not erase data that we hold about you for the purpose of providing health services (e.g. in medical records);
the right to data portability. You may request that we provide your personal data to you for the purpose of transferring it to another data controller or that we transfer it to another data controller ourselves. However, you only have this right in respect of data that we process automatically on the basis of your consent or a contract with you. However, we may only disclose the data we hold about you for the purpose of providing health services (e.g. in medical records) to you and, subject to legal conditions, to another health service provider or public authority.
- the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is in breach of data protection legislation. You can lodge a complaint with the supervisory authority at your usual place of residence, place of employment or at the place where the alleged breach occurred. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection, Pplk. Sochor 27, 170 00 Prague 7, www.uoou.cz.
- the right to request access to your personal data from us;
- Right to object to processing
If we process your personal data for the purposes of our or someone else's legitimate interests (the legal bases for processing are set out in section III), you have the right to object to such processing at any time. You can object to this at our address set out in section I. If you raise such an objection, we will only be entitled to continue such processing if we can demonstrate compelling legitimate grounds for the processing which override your interests or rights and freedoms and if the processing is necessary for the establishment, exercise or defence of legal claims.
- Mandatory processing and the obligation to provide personal data
Processing your personal data for the purposes of providing healthcare services is a legal requirement. Failure to provide your personal data may mean that we are unable to provide you with health services, which may result in damage to your health or a direct threat to your life (Section 41(1)(d) of Act No 372/2011 Coll., on Health Services and Conditions of their Provision). The obligation to provide the patient's personal data also applies to the patient's legal representative or guardian (Section 41(2) of Act No. 372/2011 Coll., on health services and conditions of their provision).