Privacy policy
This Privacy Policy, which is based on the General Data Protection Regulation (GDPR), describes the personal data we collect in connection with our activities, how we process, use and protect that data, the purposes for which they are used, and your rights concerning your personal data.
THE FUNDAMENTAL PRINCIPLE OF OUR BUSINESS IS PRIVACY AND PROTECTION OF PERSONAL DATA
The privacy of individuals and the protection of personal data constitute fundamental human rights. We are obliged to handle the personal data we collect, process and store with care. Data are a responsibility and must be collected and processed only when necessary along with security measures to protect them.
ARENA Dental Polyclinic follows the following principles with the aim of protecting the privacy and personal data of our patients, our website visitors, job applicants, business partners and visitors:
- We do not collect more personal data than necessary
- We do not use personal data for purposes other than those stated
- We do not store personal data if those data are no longer required
- We will never sell, lease or distribute your personal data to third parties
- We do not disclose personal data to third parties without your consent and if it is not required
- We do not use automated processing for any decision making or profiling purposes
- We are constantly ensuring that personal data are securely stored and protected.
This Privacy Policy provides important information and we hope you will take the time to read it and pay attention to it. Our goal was to make it as clear as possible and understandable to all, and with the wish to maintain your complete trust regarding the way we handle your personal data.
Should you have any further questions concerning the protection of personal data at the ARENA Dental Polyclinic after reading this, or would like to share your ideas and recommendations with us, please contact our Data Protection Officer by:
- E-mail: dpo@arenapoliklinika.hr or
- by post to the address ARENA Dental Polyclinic, Remetinečki gaj 2k, 10000 Zagreb.
We update our privacy policy on a regular basis to improve the protection of your data.
This privacy policy was updated on 16 September 2022.
1 ABOUT US
ARENA Dental Polyclinic, Remetinečki gaj 2k, 10000 Zagreb, Personal Identification Number (OIB): 00416500880, shall act as the data controller determining the purposes and methods of processing your personal data and taking all necessary measures to secure your personal data as potential, current and former patients, business partners and job applicants, and for the processing of patients’ personal data it shall also act as the joint data controller with the affiliated companies ARENA DENTAL d.o.o., Ulica bagrema 2, 10431 Strmec and ASEF ADRIA d.o.o., Ilica 1A, 10000 Zagreb, within our Adria Dental Group.
2 WHICH DATA WE PROCESS, HOW AND FOR HOW LONG
When registering potential patients for a free specialist examination, we will need your minimum personal data (name and surname) and contact details (e-mail and phone) in order to better communicate with you regarding your dental health and schedule an appointment for the first examination, and the delivery of your dental scan or orthopaedic scan is surely encouraged, but only if you have them and are willing to share them with us, in accordance with the regulations ensuring the lawfulness of the handling of health data as special categories of personal data under the GDPR, with the highest level of security for the processing of these personal data.
In providing all of our dental services to you as our patient, we collect all data about your dental health while maintaining the patients' records, as well as any necessary personal data regarding your health (presence of chronic diseases, infections, any special conditions related to anesthesia, possible allergies, etc.) necessary for the provision of dental services and the protection of your health during the performance of individual specialized treatments and surgical procedures, in accordance with the regulations ensuring the lawfulness of the handling of health data as special categories of personal data under the GDPR, with the highest level of security for the processing of these personal data.
We store all data relevant to ensuring the highest quality of your dental health in your patient record, which we undertake to keep for ten years after the end of your treatment in accordance with the legal provisions governing dentistry, while fully respecting the patient's right to confidentiality of health data in accordance with the regulations on professional secrecy, whereas older data are archived.
We will store the required minimum personal data (first name, last name, personal identification number, address, service provided) for the purpose of invoicing our services in accordance with accounting and tax regulations.
We use video surveillance to protect the property and safety of our employees, patients, business partners and visitors and we monitor only appropriate areas around and within the polyclinic's business premises, the recording areas of which have been clearly labeled with notices, and we store video surveillance recordings for a maximum of six months from the date of creation.
We will send newsletters containing updates from our polyclinic, our services and special offers only upon your consent to use your e-mail address for this purpose, and we will use it until you withdraw your consent or submit a complaint.
While you may use our website without providing any personal data, should you contact us using our contact form to book a free specialist examination or treatment, or for possible employment, business relationship or inquiries, we will obtain your first and last name and your e-mail address. As long as we maintain open communication in terms of establishing cooperation and a possible contractual relationship, we will collect and continue to use your personal data and erase the data after the termination of the contractual relationship, the expiry of all legal obligations or the termination of the existence of legal bases from the GDPR in connection with the processing of your personal data. We will respond to your initial inquiry through our contact form on our website or directly via e-mail. Should there be no further communication between us, we will delete all your personal data after 6 months.
Please note that if you are under the age of 16, you will be required to provide your parent's or guardian's consent before providing any personal information through our contact form.
Our website contains links to other websites and social networks (e.g. Facebook, Instagram, YouTube, LinkedIn) and this Privacy Policy does not apply to them. We recommend that you read the privacy policy of any website or social network you visit, especially those where you submit information.
Cookies are small text files stored on your computer or device that help customize the user interface of the Internet browser. Except for the cookies necessary to ensure the functionality of our website, we do not collect or store any of your personal data. Your prior consent is required for the use of any other cookies that would allow us to collect your personal data, and in the absence of your voluntary consent, you can still use our website in its entirety and have unrestricted access to all content.
Our website uses the following necessary cookies:
Name Type Duration Purpose
AWSALBCORS HTTP 6 days server load management
cookie_control_consent HTTP 1 year functional
cookie_control_enabled_cookies HTTP 1 year functional
url_cookie HTTP 2 days functional
Our website uses the following statistical and marketing cookies:
Name Type Duration Purpose
_hjAbsoluteSessionInProgress HTTP 1 day Google Tag Manager, statistics
_hjFirstSeen HTTP 1 day Google Tag Manager, statistics
_hjIncludedInPageviewSample HTTP 1 day Google Tag Manager, statistics
_hjIncludedInSessionSample HTTP 1 day Google Tag Manager, statistics
_hjRecordingLastActivity HTML session Google Tag Manager, statistics
_hjSession_# HTTP 1 day Google Tag Manager, statistics
_hjSessionUser_# HTTP 1 day Google Tag Manager, statistics
__zlcmid HTTP 1 day zopim.com, marketing
_fbp HTTP 3 months Facebook, marketing
_gcl_au HTTP 3 months Google AdSense, marketing
_ga_# HTTP 1 year Google Analytics, analytic
_gat_# HTTP 1 second Google Analytics, analytic
_ga HTTP 2 years Google Analytics, analytic
_gid HTTP 1 day Google Analytics, analytic
During the candidate selection and hiring process, we collect basic data about candidates for employment, first and last name, home address, e-mail address, phone number, education and work experience, and other data which you submit through your resume, as a compilation of your important personal data for conducting the selection and hiring process. Upon completion of the selection process, we will hire the selected candidates and collect all required data in accordance with legal obligations, while job applications and personal data of candidates that have not been selected will be returned upon request or permanently erased and retained for a possible period of future employment opportunities upon your consent.
All our patients have the right to object or submit a complaint about the services provided, in which case we collect the necessary personal data of the complainant and store them for a period of up to 12 months in accordance with the relevant regulations concerning the protection of consumer rights.
3 WHO CAN ACCESS YOUR DATA
We are working with trusted business partners who help us provide and improve our services and make our direct communication with you more effective. We provide access to your personal data to authorized external processors for the purpose of processing personal data on our behalf and on the basis of our explicit instructions under concluded contracts on the processing of personal data. Said partners shall strictly adhere to the obligation of confidentiality in accordance with this Privacy Policy, the contracts concluded with them and the obligations arising from the GDPR.
Our designated third-party processors are business partners that perform accounting and bookkeeping services, personnel selection services, IT services and business application maintenance services, video surveillance, and web and e-mail hosting, without which we would not be able to ensure the highest quality of our services.
To ensure accommodation of our patients during their arrival for the initial examination and procedure in our polyclinic and organized transportation to the polyclinic and place of accommodation, we will disclose your necessary personal data to reliable business partners who arrange transportation and accommodation services for us.
We disclose personal data of our patients and job applicants with affiliated companies ARENA DENTAL d.o.o., Ulica bagrema 2, 10431 Strmec and ASEF ADRIA d.o.o., Ilica 1A, 10000 Zagreb, within our Adria Dental Group.
4 YOUR RIGHTS
You can contact us at any time to exercise your rights regarding the protection of your personal data. You have the following rights:
Right of access to personal data
You have the right to access your personal data and to be informed about which data we handle and how, for what purpose and for how long. You have the right to access your personal data or to request a copy of your personal data.
Right to rectification of personal data
You have the right to demand correction or update of inaccurate or incomplete personal data you have provided to us and which we have obtained.
The right to erasure of personal data
You have the right to request erasure of your personal data if the data are no longer necessary to serve the purpose for which they were collected, if you submit a justified complaint, or if your personal data are processed unlawfully.
Right to object
You have the right to object to specific handling of your personal data. For example, you may request that we stop processing your personal data for direct marketing purposes.
Right to restriction of processing
You may request that we restrict data processing, for example, if an erasure, rectification or objection is due in relation to your personal data and/or if we do not have a valid basis for processing your data and you would like us to keep it. Where processing is restricted, your data will be stored and will not be processed further. For example, should you contest the accuracy of your data, the handling of such data will be restricted as long as the data are not verified as accurate.
Right to data portability
Where the data are handled by automated means on the basis of a contract or consent, you have the right to request the personal data you have provided to us in a structured and standard format that is machine-readable and to disclose this data to third parties by your decision.
Do not hesitate to submit a request if you want to exercise any of the above rights:
We will respond to your request at the earliest opportunity and no later than one month after receiving your request. In the event that we are unable to confirm your identity with certainty, we have the right to request an additional verification of the applicant's identity.
RIGHT TO FILE A COMPLAINT WITH THE COMPETENT BODY
You also have the right to file a complaint directly with the competent supervisory authority at any time, particularly if you are in the EU country in which you usually reside, work or the place of the alleged violation if you suspect that our processing of your personal data is not lawful.
Direct contacts of the competent supervisory authority in the Republic of Croatia are:
CROATIAN PERSONAL DATA PROTECTION AGENCY (AZOP)
Selska cesta 136
HR - 10 000 Zagreb
Phone: +385 1 4609 000
E-mail: azop@azop.hr
Website: www.azop.hr
IMPROVING THIS PRIVACY POLICY
We reserve the right to occasionally adapt and improve the text of this Privacy Policy, primarily for the purposes of complying with legal changes, that is, changes in the purposes and methods of processing. However, we will not restrict your rights resulting from this Privacy Policy or the relevant legislation. Should there be any changes that could affect your rights, you will be informed directly in a timely and an appropriate manner.