If the POLIKLINIKA SMILE d.o.o. joint head of the processing of your personal data pursuant to Article 26 of the General Data Protection Regulation with another head of processing, on the basis of joint business cooperation and / or on the basis of the use of some common service and / or legitimate interest of POLIKLINIKA SMILE, additional information regarding protection and by processing your personal information, in addition to the POLIKLINIKA SMILE, you may also request another processing manager listed in the section of this Policy under the title of Joint Processing Managers Policy.
POLIKLINIKA SMILE d.o.o. has appointed Mr. Danko Žitić as the Personal Data Protection Officer.
Related to any questions regarding the processing of your personal information and the exercise of rights
provided for by the General Data Protection Regulation, you can contact the Data Protection Officer in the following ways:
in writing to: POLIKLINIKA SMILE doo, M. Tita 129, HR-51410 Opatija, for Data Protection Officer
by e-mail to: dpo@smile.hr
We are fully committed to ensuring the continued and effective implementation of this policy, and we expect the same from our employees and business partners.
This policy determines the expected behavior of the Company, its permanent, temporary and occasional employees as well as third-party business partners with respect to the collection, use, storage, transfer, disclosure or destruction of personal data that work in the Company's business processes.
The following rules are an integral part of this Policy:
PERSONAL DATA PROTECTION RULES define the purpose and manner of use of personal data, the categories of personal data we collect, the time period in which we process them, and the means of information regarding the processing of your data;
PRIVACY POLICIES ON THE WEB define the ways in which we collect and store the information we collect through the Company's website
EMPLOYMENT PRIVACY POLICIES define how we collect and use your personal information in connection with employment activities;
RULES ON JOINT PROCESSING LEADERS define common processing managers, their actions, and the point of contact for individuals.
PERSONAL DATA PROTECTION ACT
These rules apply to the privacy practices that the Company applies when contracting and providing services to its customers. We have defined these data protection rules to clarify the purpose and use of personal data, the categories of personal data we collect, the time period during which we process them, and to familiarize you with all information regarding the processing of your data.
THE DATA WE COLLECT
Various forms of interaction with the Company (use the Company's publisher's website, send inquiries / requests by email, mail, participate in sweepstakes and competitions, submit a subscription contract, conclude advertising contracts, cooperative agreements) collect personal information which implies, but are not limited to the following:
Name, surname
Residential address
Personal identification number
Bank account number
Email address
Telephone number
During various forms of interaction, the Company may also collect non-personally identifiable information, which includes, but is not limited to, the following:
Information about the device through which you connect to the Internet
The type and version of Internet browser you are using
Ways to use the Company's website
LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
We process and use personal information only for the purposes for which it was collected. The processing of personal data is allowed only to the extent that at least one of the following is fulfilled:
Processing is necessary to comply with the Company's legal obligations - which includes, but is not limited to, processing of data for the purpose of invoicing, for the purpose of resolving complaints based on the relevant regulations (Consumer Protection Act);
Processing is necessary to execute a contract in which the beneficiary is a party or to take action at the request of the beneficiary prior to the conclusion of the contract - for example, when concluding a subscription contract, when contracting delivery services in accordance with the contract concluded, when submitting an advertisement for the publication of the obituary;
Processing is necessary for the legitimate business interests of the Company or a third party, except where those interests are stronger interests or fundamental rights and freedoms of users that require the protection of personal data - for example, the processing of data for marketing purposes, when we inform our users of special offers or invite events we expect to be interested in;
Based on information on the extent of processing, explicit consent has been given by the user - for example, the consent of the parental care provider to publish information for children under 16 years of age.
USE OF DATA
The Company uses personal information for the following purposes:
Provision of services in accordance with contractual obligations - The Company may use personal information during the provision of contracted services, and to provide various forms of communication during the process of cooperation
Marketing and Sales Activities - The Company may use personal information to inform you about new benefits, content, discounts or similar activities
Protection of Company Employees - The Company may disclose personal information of individuals if it believes it is necessary or appropriate to protect the health and safety of employees, visitors, property and / or users
Legal reporting and data processing obligations
Ways to collect data
Personal information is collected in one of the following ways:
Direct from an individual - information submitted for the purpose of entering into or executing a contract, by creating a user account on the Company's website, by coming to the premises of the Company, by telephone conversation with an individual, by participating in a prize competition or a competition of the Company.
Indirect - Data that is publicly available on non-Company websites (eg, social media posts, open forums), information obtained through cookies, links and similar technologies
REQUIREMENTS OF RESPONDENTS
The Company ensures the exercise of the beneficiary's rights in relation to:
Access to information;
Objection to processing;
Processing restriction;
Data transfer;
Correction of data;
Deleting data.
The user submits the claims for the exercise of his rights in writing or verbally. If an individual files a claim relating to any of the foregoing rights, the Company will consider any such claim in accordance with all applicable data protection laws and regulations. The Company reserves the right to charge costs for processing customer requests in exceptional cases where the requests are unreasonable.
Customers have the right to be informed, upon successful submission, of the following, after successful verification of their identity:
The purposes of processing personal data;
The source of the personal information, if not obtained from the user;
Category of personal data;
To recipients or categories of recipients to whom personal information has or may be transmitted, together with the location of those recipients;
The period of storage of personal data or the reasoning for determining the period of storage;
Use any automated decision making, including profiling;
All requests for access or correction of personal data must be made to the Personal Data Protection Officer, who will record each request upon receipt. The response to each request shall be submitted within 30 days of receipt of the user's written request.
PROCESSING OF PERSONAL DATA ON THE BASIS OF USER'S CONSENT
In certain cases, the Company may seek the consent of users or their holders of parental responsibility to process personal data for certain purposes. When the processing of the user's personal data is based on consent, the user / parent may at any time withdraw the consent given, but this will not affect the legality of the consent-based processing before it is withdrawn.
DATA RETENTION
The Company will not retain personal information for longer than is necessary for the purposes for which it was originally collected.
The Company will retain your Personal Information for as long as it is necessary for the provision of products or services; as long as required in accordance with these Rules or the time of collection; as long as is necessary because of our legal obligations, the resolution of disputes and the execution of our contracts; or to the extent permitted by law.
When the retention period expires, the Company will delete personal data in a way that ensures that they cannot be reconstructed or read.
DATA PROTECTION
The Company implements physical, technical and organizational measures that guarantee the security of personal information (e.g. prevention of loss or damage, unauthorized alteration, access or processing and other threats to which personal data caused by human activity or the physical / natural environment may be exposed).
The security measures implemented are aimed at:
Prevent unauthorized persons from gaining access to the data processing system in which personal data are processed;
Prevent persons who have the right to use a data processing system from accessing personal data that is beyond their needs and authority;
Ensure that personal data during electronic transmission or during transmission cannot be read, copied, modified or removed without authorization; Privacy Policy Version 1.00 Page 6 of 12
Ensure the availability of system records for the purpose of determining from whom personal data from the data processing system were entered, modified or removed;
Ensure that when processing is performed by the processing executor, the data can only be processed in accordance with the instructions of the processing manager;
Ensure that personal information is protected from unwanted destruction or loss;
Ensure that personal data collected for different purposes can be processed separately;
Ensure that personal information is not held longer than necessary.
REQUESTS BY LEGISLATIVE AUTHORITY
In certain circumstances, personal information may be shared without the knowledge or consent of the user. And when disclosure of personal information is required for any of the following purposes:
Prevention or detection of crime.
Arrest or prosecution of offenders.
Assessment or collection of taxes or fees.
By order of the court or any law.
COMPLAINTS MANAGEMENT
In case of complaints regarding compliance with these and other rules regarding the protection of personal data, please email us at dpo@smile.hr. In the event of a complaint, we will investigate the entire situation regarding the use and disclosure of personal information in accordance with these policies and will attempt to resolve it as soon as possible.
PROTECTION OF PERSONAL DATA OF CHILDREN
Although the Company is oriented to informing the general public, we are well aware that children deserve special protection in every respect, including the protection of personal data, since they may be less aware of the risks and possible consequences of disclosing their information.
Pursuant to Article 19, Paragraph 1 of the Law on Implementation of the General Data Protection Regulation (OG 42/2018), the Company considers all persons under the age of 16 to be children, and does not seek or collect or collect personal information of children without the consent of the holder of parental responsibility. The Company will make every reasonable effort to process the information it receives from children only with the consent of the holder of parental responsibility.
If the Company learns that the personal information of the children has been sent to it but without the valid consent of the holder of parental responsibility, the Company shall make reasonable efforts to do the following:
delete this personal information from your files as soon as possible; and
to ensure, in the event that deletion is not possible, that such personal data are not further used for any purpose;
and in any case will not be given to any third party.
If a parent or guardian has questions regarding our processing of their child's personal information, please feel free to contact us at the address of the Personal Data Protection Officer.
WHERE YOUR PERSONAL DATA WILL BE PROCESSED
We process your information within the European Economic Area. If there is a need to transfer personal data outside the area, such transfer will only take place if the European Commission has confirmed that the third country has fulfilled a certain level of data protection or if there are appropriate safeguards under applicable law (e.g. binding corporate rules, standard contractual clause).
RIGHT TO SUBMIT COMPLAINTS TO THE SUPERVISOR AUTHORITY
You may object to the processing of your personal data at any time if you believe that in the processing of your data we have breached the Croatian or European data protection regulations to the supervisory authority of the Personal Data Protection Agency, Martićeva 14, Zagreb, azop@azop.hr
PRIVACY POLICY ON THE WEB
The Company recognizes and appreciates your right to confidentiality of information and undertakes to maintain the security of the information it collects through the Company's website.
Your personal information is collected and used solely on the basis of information you have voluntarily provided to the Company, either through registration (personal information such as name, address, city, e-mail, year of birth) or use of the Website will be used when registering. .
The collected personal information is stored electronically and all appropriate technical and organizational measures are applied to prevent the personal data being violated. E-mails received with your personal information will be used by the Company only for the purpose of fulfilling your requests.
COOKIES
Cookies allow you to collect statistics about user behavior on web pages (e.g., what parts of the web site are retained by users for the longest and where shortest), which internet browser (e.g., Internet Explorer, Opera, Safari, Google Chrome , Firefox) uses the like.
A cookie is a small packet of data sent from a server to a user's computer and serves as an anonymous identifier. The purpose of cookies is to improve the user experience when using the Website. Cookies on the Company's Web site are anonymized and are not used for the purpose of accessing user data or for monitoring user activity after leaving.
The Company's website monitors the statistical traffic of its pages solely to obtain the necessary information on the attractiveness and performance of its pages.
Search engine owners are keeping you informed about how cookies are managed. Read more at the related links.
Google Chrome
Internet Explorer
Mozilla Firefox
Safari (Desktop)
Safari (Mobile)
Android Browser
Opera
Opera Mobile
For the remaining search engines, please consult the documentation provided by the search engine-owned company in question.
DIGITAL MARKETING, NEWSLETTER
The Company sends promotional materials through digital communication channels to individuals with whom it has at some point made some form of cooperation (subscribers, patients and potential patients) and who have provided us with contact information for such form of communication. Users of the Company's services have the right at any time to disable the service of receiving promotional privacy policies, version 1.00 Page 9 of 12 materials, and the Company will provide tools to enforce the right to be deleted from the notification database. The legal basis for processing the data for these purposes is the legitimate interest of the Company.
Contact information, such as your name and e-mail address, is necessary if you wish to use the Company's services to receive promotional materials. Promotional material includes information about services and special offers as well as newsletters.
The customer will be notified at the time of first contact or at any stage of the service's use of his or her data for digital marketing purposes.
The general opt-out option is not available for some forms of non-marketing communications, such as product-related communications, sales transactions, sweepstakes winnings you participated in, legal compliance statements, and (when permitted by law).
The Company may use the technical services of external business partners to deliver newsletters. In this case, we only process the email address you provided to receive the Newsletter for processing. We also ensure that the selected business partner uses the newsletter only for the delivery of our Newsletters, for the duration of your subscription, and may not use it for other purposes. Except in the case and under the aforementioned conditions, the Company] will not share your contact information, which you have provided to sign up for the Newsletter, with third parties.
SAFETY
The Company takes all security measures to protect user data, during data entry and transfer, data processing and storage. Access to data is limited and only available to employees who need it to perform business activities.
Personal data provided to the Company at the time of registration will be kept during the existence of the Website or for the duration of registration of users. All information provided to the Company upon registration on the Website will be destroyed at the latest upon its shutdown.
Users may, at any time, request notification of their personal data being processed by the Company, or to have it modified or deleted, by sending a request to the Data Protection Officer.
UPDATE PRIVACY POLICY
We regularly review our privacy policies and verify that they reflect the way the Company processes personal information. The current version is always available on our site www.smile.hr, and if any major changes affect your rights and freedoms, we will inform you directly.
EMPLOYMENT PRIVACY RULES
These policies define how the Company collects and uses your personal information in connection with employment activities. Personal information will be used in accordance with the rules below.
By submitting personal information required for employment or applying for a job, you voluntarily make personal information available to the Company.
Collection of personal information.
The company requires certain information, including education and work experience, contact information, job qualifications for which you are applying. Some additional / more detailed information such as a resume is also required; employment recommendations and the like. In addition, the Company may collect information from third parties during the verification of the correctness of the information provided by candidates (e.g. to verify the validity of the diploma, work experience and / or recommendations).
Confidential Personal Information.
During recruitment, the company will not solicit or request sensitive personal information (eg on religious affiliation, health status, sexual orientation or political orientation).
Voluntary disclosure.
Personal information during the recruitment process is made available to the Company voluntarily. The Company will only seek the necessary information necessary for a proper and legally compliant recruitment process.
Use of personal information.
The information may be used to communicate with you, to manage the selection and recruitment process, and to comply with corporate, legal and regulatory requirements. If you exercise your right to employment, we may use your information for employment and corporate governance.
Recipients of data and sharing with third parties.
The Company may share your personal information internally and with service providers and other third parties as required in the selection process, recruitment, corporate governance, procurement and legal or legal obligations, to respond to public sector or administrative requirements for national security and / or law enforcement.
The Company commits such service providers and third parties to maintain the confidentiality of your personal information and to use personal information only for the specific purpose for which it was disclosed.
Security and confidentiality.
The Company maintains a high level of administrative, physical and technical security measures designed to safeguard the confidentiality of personal information and requires the same from its service providers. Employees of the Company who, in order to describe their business, may access personal information must maintain the confidentiality of such information.
The Company may apply security procedures in its facilities and on its computer systems to monitor and maintain security. Any inspection of the Company's facilities, systems or property shall be conducted in accordance with applicable laws.
Your duties.
Each candidate is responsible for the information provided to the Company. All information must be accurate, truthful, precise and in no way misleading.
Applicants must ensure that the information submitted does not contain inappropriate, defamatory or infringing content from third parties. In the case where the personal data of another person (eg the person who can make a recommendation) is provided, the candidate is responsible to the person whose information is provided, to be informed in a timely manner and to obtain consent.
RULES ON JOINT PROCESSING LEADERS
Information about the joint processing managers with whom POLYCLINIC SMILE d.o.o. mutually and jointly determine the purposes and methods of data processing:
Top adria travel agency d.o.o.
M. Tito 129
HR-51410 Opatija
OIB 59624272240
Smile Adria Italia S.r.l.
Via Giosuè Carducci 22
IT-34125 Trieste
OIB IT04211200276
The Company reserves the right to transfer personal data within its business group as well as to third parties, respecting the principle of an adequate level of legal protection for the rights and freedoms of users.
The transfer of personal data is carried out if at least one of the following conditions is met:
Transfer is necessary for the performance of contractual obligations / services;
The transfer is necessary for the implementation of the pre-contractual measures taken in response to the user's request;
The transfer is necessary for the conclusion or performance of a contract concluded with a third party in the interest of the beneficiary;
Transmission is legally binding on grounds of important public interest;
Transfer is necessary for the establishment, execution or defense of legal claims;
Transmission is necessary to protect the vital interests of users;
Transfer is necessary to connect business processes within a business group.
In order to operate effectively, it is necessary to transfer personal information from one of the companies listed above to another. In these cases, SMILE POLYCLINIC d.o.o. is responsible for protecting the personal information transmitted.
In Opatija, May 7, 2018
Polyclinic Smile d.o.o.
Copyright 2020. All Rights Reserved
