0

Added to cart

Privacy Policy

Privacy Policy

This Privacy Policy sets out the privacy practices of UAB Inovatum, legal entity code 304545816, located at Partizanų g. 61-806, LT-49282 Kaunas, Lithuania; UAB Medihub, legal entity code 305665284, located at Karaliaus Mindaugo pr. 35, 44307 Kaunas, Lithuania; UAB Medihub Capital, legal entity code 305867115, located at Ukmergės g. 126, LT-08100 Vilnius Lithuania; (hereinafter collectively referred to as the "Controller"), the conditions of processing of personal data when the Controller provides services, serves persons when they contact the Controller by telephone or other means, as well as when persons use the website www.medihub.lt or shop online.

We are not responsible for the privacy policies of other websites to which you may be directed for further information. Visitors may be directed to the Manager's social networking accounts, the links to which can be found at www.medihub.lt.

When information is sent via social networking accounts, personal data provided by visitors may be disclosed to the operators of these social networks and to other persons with whom the operators of the social networks share personal data. The Manager is not responsible for the privacy policies of these networks, and we recommend that you familiarize yourself with them as well.

For the purposes of this Privacy Policy:

  • ADTAĮ - Law on Legal Protection of Personal Data of the Republic of Lithuania.
  • Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a personal identification number, location data and an online identifier, or to one or more factors specific to the natural person's physical, physiological, genetic, mental, economic, cultural or social identity.
  • Company/Companies/Manager/Mes - UAB "Inovatum", legal entity code 304545816, located at Partizanų g. 61-806, 49282 Kaunas, Lithuania; UAB "Medihub", legal entity code 305665284, located at Karaliaus Mindaugo pr. 35, 44307 Kaunas, Lithuania; UAB "Medihub Capital", legal entity code 305867115, located at Ukmergės g. 126, 08-08100 Vilnius, Lithuania e-mail info@medihub.lt Phone +370 666 11600.
  • GDPR/General Data Protection Regulation - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  • Recipient means the natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether or not to a third party.
  • Data Subject - an employee, customer or other natural person whose personal data is processed by the Company.
  • Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as: collecting, recording, sorting, storing, adapting or modifying, reproducing, retrieving, using, disclosing, transmitting, disseminating or otherwise making available, arranging in an appropriate order or combination, blocking, erasing or deleting.
  • Data Processor - a legal entity that processes personal data on behalf of the Company.
  • Privacy Policy - this policy, which sets out the terms and conditions of personal data processed by the Company.
  • Other terms used in this Policy are consistent with the terms used in the GDPR and the GDPR.

This Privacy Policy describes the procedures, purposes and processing of your data, so please read this policy carefully and if you have any questions, please contact us at the contact details set out in this Privacy Policy and we will respond to your questions.

Ways of obtaining personal data

We process your personal data received in the following ways:

  • when you provide personal data to us;
  • when we receive your personal data from other persons in accordance with the procedure established by legal acts and/or this Privacy Policy (we may receive the data from other healthcare institutions, insurance companies, laboratories, territorial health insurance funds or other lawful means).

We will process your personal data for the following purposes:

1. For the purpose of providing the services;

Data categories

  • For this purpose, we will process your name, surname, contact details (telephone number, email address), date of birth, insurance ID number, special categories of data (services provided, examinations, diagnoses, visits to specialists, descriptions of services provided, medical history, health data, referrals, consent forms for procedures, etc.), photographs (including photographs of individual parts of your body).

Legal basis for the treatment

  • The legal basis for the processing of personal data is provided for in Article 6(1)(a), (b) and (c), Article 9(2)(a), (b), (c), (h) of the GDPR

Processing deadlines

  • We will process your data within the time limits provided for by law.
  • Contract with the client - 10 years after the end of the contract;
  • Outpatient health record - 15 years after the last visit;
  • Statistical record of a person's outpatient treatment - 5 years after the last visit;
  • Outpatient logbook - 5 years after the last visit.

Source of data

  • We receive your data directly from you, as well as from other healthcare institutions, laboratories and territorial health insurance funds;

Categories of data recipients

  • We may transfer your data to other healthcare institutions, territorial health insurance funds, insurance companies, testing laboratories, dispute resolution bodies, as well as to our Company's auditors and legal advisors, in accordance with the procedures established by law.

2. For direct marketing purposes;

Data categories

  • For this purpose, we will process your telephone number, email address, age, gender (in order to provide you with the most suitable offer).

Legal basis for the treatment

  • We will process this data on the basis of Article 6(1)(a) of the GDPR.

Processing deadlines

  • We will process your data for 5 years from the date of your consent or until your consent is withdrawn.

Source of data

  • We receive data directly from you.

Categories of data recipients

  • We may provide data to suppliers of online registration services, website support services and direct marketing services.

3. For the purpose of registering for the visit and administering the visit

Data categories

  • For this purpose, we will process your name, surname, contact details (telephone number, email address), date of birth, insurance ID number;

Legal basis for the treatment

  • The legal basis for the processing of personal data is set out in Articles 6(1)(b) and 9(2)(a) of the GDPR;

Processing deadlines

  • We will keep your registration information for up to 5 years after your visit;

Source of data

  • We receive your data directly from you;

Categories of data recipients

  • We may transfer your data to suppliers of online registration services and website maintenance services;

4. For the purpose of customer service (managing requests, enquiries, complaints, feedback or other stakeholder communications).

Data categories

  • For this purpose, we will process your name, surname, telephone number, email address and the content of your communications with the Company.

Legal basis for the treatment

  • We will process this data on the basis of Article 6(1)(a), (f) and Article 9(2)(a) of the GDPR.

Processing deadlines

  • We will process your data for 1 year from the date of your request, except if it is necessary to process the data for a longer period of time in order to resolve the claim, or if there is an inquiry or other dispute process, until the end of the dispute process.

Source of data

  • We receive data directly from you. If you lodge a complaint with a supervisory authority, we may receive your data from the following authorities.

Categories of data recipients

  • We may transfer data to suppliers of online registration services, website support services, dispute resolution bodies, as well as to our Company's auditors and legal advisors.

5. Recording of telephone conversations for quality improvement and contracting purposes (evidence of contract terms).

Data categories

  • For this purpose, we will process your phone number, the content of the call, the time of the call (start and end time).

Legal basis for the treatment

  • We will process this data on the basis of Article 6(1)(a) of the GDPR.

Processing deadlines

  • We will process your data for a maximum period of 6 months from the date of the recording.

Source of data

  • We receive data directly from you.

Categories of data recipients

  • We may transfer data to companies that provide telephone call handling, communication services and data storage services.

6. For the protection of persons and property.

Data categories

  • For this purpose, we will process your image when you visit our Company's premises.

Legal basis for the treatment

  • We will process this data on the basis of Article 6(1)(f) of the GDPR.

Processing deadlines

  • We will process your data for a maximum of 14 days after your visit to our Company or for a longer period if there are reasonable grounds to suspect that the video recording will be necessary for the purpose of conducting an investigation or for the investigation of a possible crime. In this case, we will retain the video data until the final investigation and decision is made.

Source of data

  • The data comes from CCTV cameras installed on the Company's premises.

Categories of data recipients

  • Companies providing video surveillance (security) services.

7. The Company shall not process the User's Personal Data for any other purposes incompatible with the purposes set out above.

You have the following rights in relation to the processing of your personal data:

  • Receive information about the processing of your personal data.
  • To have access to your personal data stored by the Company.
  • Withdraw your consent to the processing of personal data.
  • Request the rectification of inaccurate or incomplete personal data.
  • Request the erasure (right to be forgotten) of personal data relating to the data subject if this can be justified on one of the grounds set out in Article 17(1) of the General Data Protection Regulation.
  • Request to restrict the processing of your personal data where one of the cases provided for in Article 18(1) of the General Data Protection Regulation applies.
  • The right to data portability.
  • To object to the processing of personal data concerning him or her.
  • File a complaint with the supervisory authority,
  • The right to redress for improper processing of personal data.

If you believe that your rights have been violated or that your data are being processed unlawfully, you have the right to lodge a complaint with the State Data Protection Inspectorate (L. Sapiegos g. 17, Vilnius, tel. (8 5) 271 2804, 279 1445, e-mail: ada@ada.lt) or with a supervisory authority in another Member State of the European Union in which you have your permanent place of residence or place of work (the list of supervisory authorities is available on https://edpb.europa.eu/about-edpb/about-edpb/members_lt#member-lt). In all cases, please contact us before making a complaint so that we can work together to find a suitable solution.

Please note that the exercise of your rights will depend on the conditions for exercising the specific right. Where there is a legal basis, your right may not be exercised due to specific circumstances and our Company may refuse to comply with your request.

Your application for the exercise of your rights will be processed within 1 month, which can be extended to 2 months if necessary. The Company will inform you of the extension of the time limit for processing your request.

Cookies (English cookies)

We are constantly improving the website and making www.medihub.lt as easy and convenient to use as possible. To do this, we need to know what information visitors are most interested in, which cities the site is visited from, how often visitors log in, which browser they use, what content they are interested in, which devices they use to read the site, etc. To make the website work properly, we store small data files called cookies on your device. If you have any questions regarding the matters set out in this Privacy Policy, please contact the Company at Karaliaus Mindaugo pr. 35, 44307 Kaunas, LT-44307 Kaunas, Lithuania, e-mail: info@medihub.lt Telephone +370 666 11600.