Bariatric Services AS, the address: Kaluri tee 5a, Haabneeme, Viimsi, the registry code at the Commercial Register: 12190939, e-mail: is the owner of the site www.bariatricservices.eu and responsible for the processing of personal data.
Bariatric Services AS’s personal data protection specialist is Aarne Saareväli, e-mail:
The basis for the privacy conditions of AS Bariatric Services is the General Regulation on the Protection of the Personal Data of the European Union (GDPR- General Data Protection Regulation and the Personal Data Protection Act of the Republic of Estonia, whose purpose is to protect the fundamental rights and freedoms when processing the personal data of an individual in accordance with the public interest.
2.PURPOSE AND LEGAL BASIS OF PROCESSING OF PERSONAL DATA
The legal basis for the processing of personal data is the consent that was given by the person (data subject) who filled in the site questionnaire.
The collected personal data is processed only for the purpose of providing the Service, which aims to:
- evaluate and provide preliminary opinion whether the bariatric surgery is indicated to the person who made the request for it, whether the operation is suitable for him or her, and what kind of procedure we recommend;
- entering into contact with the person using the contact information provided by him or her.
- to send additional information to the person’s e-mail about the clinic and the service. At any moment, the person has the opportunity to opt out of e-mails containing additional information by removing himself from the e-mail recipient list by clicking on the unsubscribe link in the received e-mail.
3.WHAT DATA IS COLLECTED
We collect and use only the data that is necessary to achieve the purposes mentioned above.
Bariatric Services handles the following personal data: name and surname, phone number, e-mail address, height, weight, age.
In the case of the surgical operation also: residence address, personal identity number /date of birth, name and telephone number of the contact person in case of emergency.
In addition to all mentioned above we collect various medical data (sensitive personal data) which are in relation to your health.
All mentioned data here above is being submitted to us by the data subject via the site questionnaire, independently and voluntarily.
The collected personal data for the provision of the Service described in clause 2 are stored up to 1 year, starting from the last contact. Personal data that is collected and used for the provision of healthcare services is stored in accordance with the provisions of the Health Services Organisation Act.
5.RIGHTS OF THE DATA SUBJECT
The data subject has the right at any time to:
- ask a information about what personal data (about him or her) is being processed;
- get access his or her personal data that is being processed;
- ask for modifications to his or her personal data in case the data subject believes that this personal data is not up to date or accurate;
- withdraw a previously given consent for processing of their personal data;
- be forgotten. Also known as right to erasure, this right provides the data subject with the ability to ask for the deletion of their data. This will generally apply to situations where a customer relationship has ended. It is important to note that this is not an absolute right, and depends on your retention schedule and retention period in line with other applicable laws.
- ask for transfer of his or her personal data. As part of such request, the data subject may ask for his or her personal data to be provided back (to him or her) or transferred to another controller
To do this, the data subject shall submit an application to the e-mail address . An application for identification must come from the same e-mail address from which the consent for the processing of personal data was given. The cancellation of consent is not retroactive.
The data subject has also right to submit a complaint to the supervisory authority.
6.TRANSFER OF PERSONAL DATA TO THIRD PARTIES
All information regarding our customers’ personal data that we have acquired is regarded as confidential information. We do not share your personal data with any third party, except in cases when it is necessary to provide our services (for example, to a laboratory or to a hospital in case of an operation in the hospital) or when the law requires it.
Bariatric Services AS collects and stores personal data electronically.
When completing the site questionnaire, the information coming from the site visitor’s device and received by our site is encrypted.
Sending a copy of the completed site questionnaire to the person who filled it to his or her e-mail address (in case of the request of the person completed the site questionnaire) occurs by e-mail.
Data transfer via the Internet or by e-mail is never 100% secure. And so we cannot provide a 100% guarantee when transmitting any information.
Accordingly, when we receive the information transmitted by you, we do everything in our power to ensure that it is protected within our system. Your data is stored on secure servers and protected by anti-virus software, and the access is possible only on the basis of the password.