Privacy policy

This Privacy Policy based on the General Data Protection Regulation (GDPR) explains what personal data is collected in connection with our activities, how we process, use and protect this data, for what purposes we use it, as well as your rights related to your personal data.

THE FUNDAMENTAL PRINCIPLE OF OUR BUSINESS IS PRIVACY AND PROTECTION OF PERSONAL DATA

Privacy of individuals and protection of personal data are fundamental human rights. It is our duty to take care of the personal data that we collect, process and store. Your personal data is our responsibility and we collect and process it only when it is necessary while ensuring security measures to protect it.

ARENA dental clinic, a member of the Adria Dental Group - the largest group of dental medicine in the Adria region, adheres to the following principles with the aim of protecting the privacy and personal data of its patients and all persons whose personal data we process:

We do not collect more personal data than is absolutely necessary
We do not use personal data for purposes about which you are not informed in time
We do not store personal data if it is no longer necessary
We never sell, lend or distribute personal information
We do not send personal data to third parties without your knowledge and if it is not legal
We do not use any automated processing for decision making or profiling
We do not transfer personal data outside the EU/EEA
We continuously ensure that personal data is securely stored and protected.

It is important to read this Privacy Policy and we hope you will take the time and your attention. We have tried to make it as clear and understandable as possible with the desire to maintain your full trust in the way we handle your personal data.

If, after reading, you will have further questions about the protection of personal data at the ARENA Dental Polyclinic, please feel free to contact our Data Protection Officer at any time:

Igor Barlek, CIPP/E, Adria Dental Group Data Protection Officer

by email to the address bi@biconsult.hr or
by mail to the address Stomatološka poliklinika ARENA, Remetinečki gaj 2k, 10000 Zagreb or
by mail to Adria Dental Group, Ul. Josipa Marohnića 3, 10000 Zagreb.

We regularly update our Privacy Policy to improve and protect your information.

This Privacy Policy was updated on March 6, 2023.

1. WHO WE ARE

ARENA Dental Clinic, Remetinečki gaj 2k, 10000 Zagreb, is the controller of your personal data and determines the purposes and methods of processing your personal data and takes care of ensuring all security measures for your personal data, and in relation to patients' personal data also acts as a joint controller with related companies - our dental laboratory ARENA DENTAL d.o.o., Jaruščica 9A, 10020 Zagreb, our group ADRIA DENTAL GROUP d.o.o., Ilica 1A, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb.

2. WHAT DATA DO WE PROCESS, HOW AND FOR HOW LONG

When registering potential patients for a free specialist examination

For these purposes, we need your basic personal data (name and surname) and contact data (email and telephone) for effective communication and to achieve the best possible understanding of your wishes and needs and to agree on the date of the first examination. At the same time, the delivery of a dental scan or orthopan from your side is certainly welcome, but only if you have them and want to share them with us in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR with the highest level of security of such processing personal data. If you opt out of the free specialist examination, we will permanently delete all your personal data.

When providing dental services to our patients

From the first examination and during the provision of dental medicine services, we are obliged to collect all data about your dental health, keeping a patient record, as well as a necessary set of personal health data (presence of chronic diseases and possible allergies, infections, specifics related to receiving anesthesia, etc.) , necessary for the provision of dental services and the protection of your health when carrying out certain specialist treatments and surgical procedures, in accordance with the rules for ensuring the legality of handling health data as special categories of personal data according to the GDPR with the highest level of security for the processing of such personal data.

During the implementation of the agreed treatments and multiple interventions for the purpose of monitoring the effectiveness of individual phases of the intervention, we also collect photos of the patients' dental images, which are saved exclusively in the patient's file.

In your patient record, we keep all data relevant to ensuring the highest quality of your dental health, which we are obliged to keep for ten years after the end of treatment in accordance with the legal regulations in the field of dental medicine, with full respect for the patients' right to confidentiality of data related to the state of health in accordance with the regulations on the preservation of professional secrets, while older data is archived.

All members of our team are obliged to keep as a professional secret everything they know about your state of health and access to all your personal data is strictly limited, and in accordance with the Health Care Act we are obliged to give access to your personal data at the request of the competent ministry, other state administration bodies in in accordance with the special regulations of the Croatian Chamber of Dental Medicine and competent judicial bodies.

We retain the necessary set of basic personal data (name, surname, ID number, address, service performed) for the purposes of issuing invoices for services in accordance with accounting and tax regulations.

Video surveillance

Exclusively for the purpose of protecting the safety of our patients and employees and all persons who are included in the legal perimeters of the recording, and for the purpose of protecting property and preventing illegal actions directed towards the polyclinic's property from theft, robbery, burglary, violence, destruction, etc., in accordance with our justified and documented legitimate interest, we monitor exclusively the acceptable space around and inside the business premises of the polyclinic, whose recording perimeters are clearly marked with easily visible notices. As a rule, we store video surveillance recordings for up to a month, depending on the amount of recorded records on the storage medium, and a maximum of 6 months.

Selection of candidates for jobs and employment

During candidate selection and employment procedures, we collect basic data about candidates with the intention of entering into an employment contract, name and surname, residential address, email address, phone number, education and work experience, and other data that you submit to us via your resume, as a set of your personal data important for carrying out the selection and employment procedure. After the end of the selection process, we hire the selected candidates and collect all necessary data in accordance with legal obligations, while applications and personal data of unsuccessful candidates are returned upon request or permanently destroyed, and based on your consent we retain them for possible future employment opportunities.

We share the personal data of job candidates with our group ADRIA DENTAL GROUP d.o.o., Ilica 1A, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb, as related companies based on a valid legitimate interest, in accordance with the provisions of the GDPR.

The consumer's right to object

Each of our patients is guaranteed the right to file a complaint or complaint about the services provided, whereby we collect the necessary set of personal data of the complainant and keep it for a period of up to 12 months, in accordance with regulations in the field of consumer rights protection.

Use of your personal data for the purpose of sending the newsletter

We send news through the newsletter about news from our polyclinic, about our services and special offers based on your consent or a valid legitimate interest in using your email address for this purpose, and we use it until the moment of withdrawal of consent or your objection and expressed desire to stop receiving further notifications.

Collection of your personal data on our website

Although you can use our website without providing personal information, when you contact us via our contact form for the purposes of ordering a free specialist examination or treatment or for the purposes of possible employment, establishing a business relationship or enquiry, we collect your first and last name and email address, and the information about your phone number is extremely useful so that we can determine your wishes and needs in the field of dental health as accurately as possible with our return phone call. As long as we have open communication in the sense of establishing cooperation and agreeing the first review, we will collect your personal data and delete them after the termination of further communication, after the expiration of all legal obligations or the termination of the existence of legal grounds from the GDPR related to the processing of your personal data.

Our website is not intended for providing services to minors under the age of 16, and for this purpose, it is necessary to attach the consent of parents or holders of parental responsibility before providing personal information through our contact form.

Our website also contains links to other websites and social networks (eg Facebook, Instagram, YouTube, LinkedIn) and this Privacy Policy does not apply to them. We recommend that you read the privacy protection terms of each website and social network you visit, especially where you leave information.

Cookies

Our website uses small text files and places them on your computer or device in order to customize the interface of your web browser. Cookies necessary to ensure the functionality of our website cannot be turned off. They are typically set in response to your actions involving a request for services, such as cookie settings, logging in, or filling out forms. Your prior consent is necessary for the use of other cookies with which we would collect your personal data, and even in the absence of your free consent, you can still fully use our website and have unhindered access to all its contents.

Our website uses the following necessary cookies:

Functional

__zlcmid HTTP Duration: 1 year chat functionality
cookie_control_consent HTTP Duration: 1 year functional, cookie control
cookie_control_enabled_cookies HTTP Duration: 1 year functional, cookie control
url_cookie HTTP Duration: 2 days functional, cookie control

Our website uses the following non-necessary (statistical and marketing) cookies:

Facebook

_fbp HTTP Duration: 3 months Facebook, marketing

Google analytics

_gcl_au HTTP Duration: 3 months Google AdSense, marketing
_ga_# HTTP Duration: 2 years Google Analytics, analytical
_gat_# HTTP Duration: 1 minute Google Analytics, analytical
_ga HTTP Duration: 2 years Google Analytics, analytical
_gid HTTP Duration: 1 day Google Analytics, analytical

Hotjar

_hjAbsoluteSessionInProgress HTTP Duration: 30 minutes Google Tag Manager, statistics
_hjd HTTP Duration: 1 year Google Tag Manager, statistics
_hjIncludedInPageviewSample HTTP Duration: 2 min Google Tag Manager, statistics
_hjIncludedInSessionSample HTTP Duration: 2 min Google Tag Manager, statistics
_hjSession_# HTTP Duration: 30 minutes Google Tag Manager, statistics
_hjSessionUser_# HTTP Duration: 1 year Google Tag Manager, statistics

3. WHO HAS ACCESS TO YOUR DATA

We cooperate with exclusively reliable business partners who help us provide and improve our services and make our direct communication with you more effective. We provide access to your personal data to authorized external processors for the purpose of processing personal data on our behalf and on the basis of our express instructions based on concluded contracts on personal data processing in accordance with Article 28 of the GDPR. These partners are obliged to strictly comply with the obligation of confidentiality in accordance with this Privacy Policy, with the contracts we have concluded with them and in accordance with the obligations from the GDPR. Our chosen external processing executors are business partners who provide services for us to achieve contact with patients, personnel selection, IT services and maintenance services for business applications and systems, video surveillance and web and email hosting, without which we would not be able to ensure the fulfillment of the highest quality of our services.

For the purpose of ensuring the accommodation of our patients during their arrival for the first examination and treatment at our polyclinic and organized transport to the polyclinic and accommodation locations, we share your necessary personal data with reliable business partners who provide us with transport and accommodation services.

We share patients' personal data with our dental laboratory ARENA DENTAL d.o.o., Jaruščica 9A, 10020 Zagreb, our group ADRIA DENTAL GROUP d.o.o., Ilica 1A, 10000 Zagreb and PROVECTUS CAPITAL PARTNERS d.o.o., Ilica 1A, 10000 Zagreb, as related companies based on a valid legitimate interest, in accordance with the provisions of the GDPR.

4. YOUR RIGHTS

You are free to contact us at any time in order to exercise your rights in the field of protection of your personal data. Your rights are as follows:

The right to access personal data

You have the right to access your personal data and to be informed about which data and how we process it, for what purpose and for what period. We provide you with the opportunity to receive a copy of your personal data.

The right to correct personal data

You have the right to correct or supplement inaccurate or incomplete personal data collected by us.

The right to delete personal data

You have the right to ask us to delete your personal data, when the data is no longer necessary to achieve the purpose for which it was collected, when you submit a justified complaint or your personal data is processed illegally.

The right to object

You have the right to object to certain handling of your personal data. For example, you can request that we stop processing your personal data for direct marketing purposes via the newsletter.

The right to restriction of processing

You can ask us to limit data processing, for example, when deletion, correction or objection regarding your personal data is pending and/or when we do not have a valid basis for processing your data and you want us to keep it. When processing is limited, your data will be stored and will not be processed further. For example, if you dispute the accuracy of your data, the processing of such data will be restricted until it is ensured that the data is correct.

Right to data transfer

When the processing is carried out by automated means of processing based on a contract or consent, you have the right to receive the personal data that you have provided to us in a structured and commonly used machine-readable format and to transfer such data to third parties at your own discretion.

Right to withdraw consent

If you have previously given your free express consent to the public publication of intraoral and facial photographs or audio/video recordings on our websites or social networks, you have every right to withdraw your consent at any time and we will delete our postings of your photographs or audio/video. records.

If you want to exercise any of the aforementioned rights, feel free to submit a request:

via email at dpo@arenapoklinika.hr or
by mail to the address Stomatološka poliklinika ARENA, Remetinečki gaj 2k, 10000 Zagreb.

We will respond to your request as soon as possible, and no later than one month after receiving your request. In the event of the impossibility of securely confirming your identity, we will be free to request an additional verification of the applicant's identity.

IMPROVING THIS PRIVACY POLICY

We reserve the right to adjust and improve the text of this Privacy Policy from time to time, primarily in order to comply with legal changes, that is, in case of changes in the purposes and methods of processing. However, we will not limit or diminish your rights arising from this Privacy Policy or from the corresponding legal regulations. In the event that there are changes that may affect your rights, we will notify you in a timely and direct manner in an appropriate manner.