When we refer to “Praga Medica”, or “us” or “we” or “Company”, we are referring to PRAGA MEDICA HEALTHCARE s.r.o., with its registered office at Na Krutci 368/5, Prague 6, the Czech Republic, ID No. 24249726, registered in the Commercial Register kept by the Municipal Court in Prague, under File No. C 197135.
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website or our services, then you can be assured that it will only be used in accordance with this privacy statement.
GDPR is the General Data Protection Regulation. It comes into effect on 25th May 2018. It sets out a series of new EU laws concerning how data is processed and used. The objective of the regulation is to strengthen and standardize data protection laws for all EU citizens. These regulations will apply to any organisation that controls and / or processes data on behalf of an individual or group of individuals. Those responsible for adhering to these regulations include employees of the organisation, including contractors, consultants, agents and third parties who have access to data either directly or indirectly.
Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are respected. You can contact our Data Protection Officer at firstname.lastname@example.org or by writing to them at Data Protection Officer, PRAGA MEDICA HEALTHCARE s.r.o., with its registered office at Na Krutci 368/5, Prague 6, the Czech Republic.
We collect and process various categories of personal data at the start of and for the duration of your relationship with us. We will limit the collection and processing of personal data to information necessary to achieve one or more legitimate purposes as identified in this policy.
This information is usually collected through initial customer enquiry, undertaken through various channels, mostly from our online contact form, by phone, by email or from a third party.
Under GDPR, there are special categories that require additional safeguards for processing. We will only process special categories of personal data where we’ve obtained your explicit consent or are otherwise lawfully permitted to do so. And then only for the particular purposes and activities set out and for a limited time only. These special categories of personal data and the reasons for their collection are outlined below:
We may process data about your use of our website and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
Personal data we collect and hold about you includes:
We use information about you to:
To provide our products and services under the terms and conditions agreed between us, we need to collect and use personal information about you. If you do not provide this personal information, we may not be able to provide you with our products and services. For example: by not filling out our online questionnaire, we will not be able to provide an online evaluation and make an appointment for medical treatment.
We analyse the information that we collect on you through your use of our products and services and on our social media, apps and websites. This helps us understand how we interact with you and our position in the market place.
We will not share your personal data with anyone outside the Company except:
We require that these third parties provide sufficient guarantees that the necessary safeguards and controls have been implemented to ensure there is no impact on your data rights and freedoms.
To use your personal data lawfully, we rely on one or more of the following legal bases:
Processing your information is necessary for us to provide you with products and services that are related to treatment abroad and that we agree to deliver subject to our terms and conditions.
Legitimate interest means the interests of the Company in conducting and managing our business when providing products and services. Our core legitimate interests are to provide the best customer service, improve our products and services, and to protect our customers, employees and shareholders. A very important part of our legitimate interests is the ability to manage our relationship with you as effectively as possible and provide you with the best possible customer experience.
We will ask for your consent on multiple occasions, such as:
We ensure that your consent will always be given to a very specific action and in a clear, affirmative way. We will keep a record of your consent and how we obtained it.
Consent can be withdrawn at any time which will result in the immediate cessation of all data processing, unless we have already delivered the product or service.
We may sometimes require your consent to use your personal information. For example, when we use sensitive personal information (known as special category information under GDPR) about you, such as medical or biometric data, we always request your explicit consent.
This section sets out our data retention policies and procedures, which are designed to ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
Your information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Special categories of personal data (especially medical questionnaire data) will be retained for a minimum period of 1 year following the submission of the data, and for a maximum period of 3 years following the treatment date.
Notwithstanding the other provisions of this section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.
We are aware of security threats and make every possible effort to protect your information. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are respected. Should you have any questions, please do not hesitate to contact our Data Protection Office.
We may transfer your personal information outside of the European Economic Area (EEA) to help us provide the best customer experience, on the basis that anyone to whom we pass it protects it in the same way we would and in accordance with applicable laws. For example, the hosting facilities for our website, our database and our email servers are situated both in the Czech Republic and abroad. Any international transfers of your personal data will be protected by appropriate safeguards.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Our marketing activities towards you are very limited and consist of
We will always ask for your consent in relation to any marketing activities.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.