Skip main content

General practitioner’s office

for adults in Senec

Virtual Nurse Emmy

info@amedika.sk

Opening Hours
Closed for today

Kysucká 14E
903 01 Senec

Booking New Patient

Virtual Nurse Emmy

Privacy Policy

GDPR

Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter also referred to as the “GDPR Regulation“)

and pursuant to Act No. 18/2018 Coll. on the Protection of Personal Data and on Amendments and Additions to Certain Acts (hereinafter also referred to as the “Act“)

Operator:

Name: AMedika, s.r.o.
Headquarters: Mlynská 456/61, 903 01 Senec
ID: 55 883 401
Responsibleperson: JUDr. Ing. Radovan Konečný, PhD., MBA
Contact details: gdpr@causa.sk, Tel.: 0915 305 333

The controller declares that it has taken appropriate technical and organisational measures to ensure the protection of the rights of data subjects (patients) and has had security documentation drawn up declaring compliance with legal requirements and lawful processing of personal data.

THE PURPOSE AND LEGAL BASIS OF THE PROCESSING OF PERSONAL DATA

The controller shall process in the patient health records information system the data of persons for the purposes of:

  • the provision of health care

Personal data are processed without the consent of the data subject.

Personal data are processed on a legal basis pursuant to Section 13(1)(c) of the Act. 18/2018 Coll. on the protection of personal data in connection with:

  • Act No. 576/2004 Coll. on health care, services related to the provision of health care and on amendment and supplementation of certain acts, as amended,
  • Act No. 362/2011 Coll. on Medicinal Products and Medical Devices and on Amendments and Additions to Certain Acts, as amended,
  • Act No. 581/2004 Coll. on Health Insurance Companies, Supervision of Health Care and on Amendments and Additions to Certain Acts, as amended,
  • Act No. 153/2013 Coll. on the National Health Information System and on Amendments and Additions to Certain Acts, as amended.

RECIPIENTS OF PERSONAL DATA

The controller provides the personal data of the data subject (patient) to the following recipients: the data subject’s health insurance company, other healthcare providers providing healthcare to the data subject, the National Centre for Health Information and, upon request, to the Office for Health Care Supervision for the purpose of investigating complaints, or to forensic experts for the purpose of drawing up expert opinions.

RETENTION PERIOD OF PERSONAL DATA

Personal data and data relating to the health of the data subjects (patients) shall be kept for 20 years after the death of the person within the meaning of Section 22(2) of the Act. 576/2004 Coll. and Act no. 395/2002 Coll. on archives and registers and on the amendment of certain acts. After the expiry of the statutory period, the data shall be destined for destruction and shredding.

TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY

The controller does not intend to transfer the personal data to a third country or to an international organisation.

RIGHTS OF THE DATA SUBJECT

1.) obtain from the controller confirmation of the processing of personal data concerning him or her – if the controller processes such personal data, the data subject has the right to obtain access to such personal data, together with the information pursuant to Article 15 of the GDPR;

2.) submit to the Office for Personal Data Protection a petition for initiation of proceedings for the protection of personal data pursuant to Section 100 of the Act (Office for Personal Data Protection, Hraničná 12, 820 07 Bratislava 27);

3.) for the controller to rectify, without undue delay, inaccurate personal data concerning him or her. Having regard to the purpose of the processing of personal data, the data subject shall have the right to have incomplete personal data completed;

4.) the controller to erase the personal data concerning the data subject without undue delay if:

  • the personal data are no longer necessary for the purpose for which they were collected or otherwise processed,
  • the data subject objects to the processing of the personal data (see point 5 below) and no legitimate grounds of the controller for further processing of the personal data of the data subject prevail,
  • the personal data are unlawfully processed; or
  • the reason for deletion is the fulfilment of an obligation under Slovak law, EU law or an international treaty to which the Slovak Republic is bound;

5.) to object to the processing of personal data on grounds relating to the particular situation of the data subject (e.g. marketing purposes). In such a case, the controller may no longer process the personal data unless the controller demonstrates compelling legitimate interests for the processing of the personal data which override the rights or interests of the data subject or grounds for exercising a legal claim;

6.) for the controller to restrict the processing of personal data if:

  • the data subject contests the accuracy of the personal data during a period allowing the controller to verify the accuracy of the personal data;
  • the processing of the personal data is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of their use;
  • the controller no longer needs the personal data for the purpose of the processing but the data subject needs them to establish, exercise or defend legal claims; or
  • the data subject has objected to the processing of personal data pursuant to point 5, pending verification whether the legitimate grounds on the part of the controller outweigh the legitimate grounds of the data subject.

OBLIGATIONS OF THE DATA SUBJECT

The person concerned (patient) is obliged to provide personal data necessary for the provision of health care in the following scope: first name, surname, date of birth, birth number, home address, telephone, e-mail and medical data necessary to establish medical history. The consent of the data subject to the processing, provision and disclosure of data from the medical records is not required under the conditions laid down in this Act. The data subject (patient) in connection with the processing of personal data in the patient health record information system does not have the right to erasure of personal data, does not have the right to object to the processing of personal data, does not have the right to the portability of personal data.

The legal consequence of not providing personal data may be the refusal to provide healthcare, except for urgent healthcare!