Privacy Policy
Dear client
In order to provide you with the services you have requested, we need your personal data. The security of your data and the processing of your data in a lawful manner is of paramount importance to us. Here you can find out how we process your personal data and how we achieve its security.
1. Who are we?
Your personal data is processed by our company
Business name: Esthetic, s.r.o.
Registered office: Partizánska 2, 811 01 Bratislava
ID No.: 35 971 835
VAT No.: 2022112752
VAT No.: SK2022112752
Rep.: Kveta Kopecká, Managing Director
Email: esthetic@esthetic.sk
(hereinafter referred to as the “Controller”).
2. What personal data do we process?
Patient records
In order to provide you with the required plastic surgery, aesthetic dermatology, laser medicine and dermato-cosmetics services and to fulfil all contractual and legal obligations related to this, we process your personal data in the following scope: title, first name, surname, date of birth, address, health data, data about the diseases you have overcome, signature, card number. Tel,
Marketing
With your consent, we process your personal data in the scope of title, name, surname, email, phone number, IP address, cookies.
CCTV
If you come to our clinic, we will also process your video footage, as the premises are imaged by CCTV.
3. For what purpose do we process your personal data?
Patient records
We process your personal data in order to provide you with the required plastic surgery, aesthetic dermatology, laser medicine and dermato-cosmetics services and to fulfil all contractual and legal obligations related to this
Accounting
We process your personal data for the purpose of fulfilling our obligations under the specific legal regulations applicable to the accounting agenda.
Marketing communication
We process your personal data for the purpose of customer care, providing information about products and services and market research, through the chosen method of communication. We only process your personal data for this purpose if you give us your consent to do so.
Cookies
We also process your IP address and cookies with your consent. We use these to improve the functionality of the website and for advertising and remarketing purposes.
Consumer competition
If you participate in a consumer competition that we have launched, we process your personal data to the extent necessary also for the purpose of your participation in the competition and for the purpose of sending you your prize.
Publication of photographs and video footage
If you give us your consent, we will publish your photographs and video footage from before, during and after the procedure on our website and official social media pages.
Where the controller processes personal data on the basis of consent via the website, these services are not intended for use by persons under the age of 16.
4. What is our legitimate interest?
We use the CCTV system to protect our property located in this building as well as to protect the personal data we process.
5. How can you give us consent?
You can give us your consent to process your personal data by ticking the appropriate checkbox
6. How can you withdraw consent?
You may withdraw your consent to the processing of your personal data at any time. You can withdraw your consent
- by sending a notification to newsletter@esthetic.sk
- by sending a notification by post to Partizánska 2, 811 01 Bratislava
7. Who do we provide your data to?
We provide your personal data
to the external doctor performing the procedure, to an external accounting company for accounting purposes, based on a mediation agreement entered into in accordance with the GDPR.
8. How long do we keep your personal data?
Medical records are kept for 20 years after the procedure has been carried out.
Accounting records are kept for 10 years.
We process your personal data for marketing purposes until you withdraw your consent.
In the event of your participation in a competition, we will keep your personal data for the duration of the competition and the winners’ data for as long as is necessary for any claims, up to a maximum of 2 years.
9. Where do we transfer your personal data?
We do not transfer your personal data to any third country. We transfer your personal data to the Czech Republic, where the server is located.
10. Who can you contact?
If you have any questions or suggestions regarding your personal data, you can contact the person in charge:
Name and surname: Kveta Kopecká
Email: esthetic@esthetic.sk
Tel: 0905 244 577
11. Not satisfied?
If you are unhappy with how we process your personal data, you can let us know by emailing esthetic@esthetic.sk. You also have the option to lodge a complaint with the Data Protection Authority if you think we are processing your personal data unlawfully.
12. How do we process your personal data?
We process your personal data in electronic and paper form. We do not use any means of automated individual decision-making. Medical records are kept only in paper form in lockable cabinets in premises that are secured by an alarm and CCTV system. Your personal data processed for marketing purposes is processed in the administration of the website. The website is stored on a server in the Czech Republic and processed by wbx, s.r.o.
13. How do we ensure the protection of your personal data?
The security of your personal data is of paramount importance to us. We have taken the necessary technical and organisational measures to ensure the protection of your personal data. The controller has implemented a strong password policy. Personal data is encrypted. Documents in paper form are stored in lockable cabinets in the premises of the controller, which is secured by an alarm and CCTV system.
14. What rights do you have?
a) Right of access to data
You have the right to know whether we are processing your personal data. If we are processing it, you can ask us for access to the data. Upon your request, we will issue a confirmation with information about the processing of your personal data by our company.
b) Right to rectification
You have the right to have the personal data we process about you correct, complete and up-to-date. If your personal data is incorrect or out of date, you can ask us to correct or complete it.
c) Right to erasure
In certain circumstances you have the right to have your personal data erased by us. You can ask us to erase your data at any time. We will delete your personal data if
- we no longer need your personal data for the purpose for which you provided it to us;
- you withdraw your consent;
- you object to the processing of your personal data;
- we process your personal data unlawfully;
- personal data must be erased in order to comply with a legal obligation;
- if you are a child, or the parent of a child, who has consented to the processing of personal data via the internet;
d) Right to restriction of processing
You can ask us to restrict the processing of your personal data. If we comply with your request, we will only store your personal data and will not process it further. Restriction of the processing of your data will occur if
- notify us that your personal data is incorrect until we have verified its accuracy;
- we are processing your personal data unlawfully, but you do not consent to its erasure and instead request that we restrict the processing of your personal data;
- we no longer need your data, but you need it to prove, exercise or defend your rights;
- you object to the processing of your personal data until we have verified that our legitimate interests outweigh your reasons.
e) Right to data portability
You have the right to request that we provide you with your personal data in an electronic format (e.g. an XML or CSV file) that allows you to easily transfer your data to another company. You can also ask us to transfer your personal data directly to the company of your choice. We will comply with your request if you have provided us with the personal data directly and have given us your consent to process it.
f) Right to object
You have the right to object to us processing your personal data. If we process your personal data for direct marketing purposes, you can object to the processing at any time. We will delete your personal data on the basis of the objection. If we process your personal data in the following cases:
- for the performance of a task in the public interest or in the exercise of public authority,
- because of our legitimate interest,
- creating a client profile,
- you can object to their processing if you have personal grounds for doing so.
15. How can you exercise these rights?
You can contact us with your request in any of the following ways:
- by sending a notification to esthetic@esthetic.sk,
- by sending a notice by post to Partizánska 2, 811 01 Bratislava.
We will deal with all your requests and inform you of the outcome in the same way as you make your request.
16. Final Provisions
This Privacy Policy comes into force on 25.5.2018.
We reserve the right to change this policy if the processing of personal data in our company changes.
