Effective from May 25, 2018
- Information on the Statement
- Rights and preferences: user choice and control
- How to collect personal data
- Personal data that is collected
- Purpose of the use of personal data
- Sharing of personal data
- Storage and deletion of data
- Transfer to other countries
- Data protection
- Hosting and server infrastructure
- Changes to the Privacy Statement
Thank you for choosing Sanident.
We want to offer our patients the best possible experience so that they can better appreciate our services. To do this we need to know the sensitive and health data of the people who decide to take care of us. This allows us through specific informed consents required for each individual intervention or health service to be able, for example, to perform radiological examinations or to be able to provide detailed information and precise diagnoses on the health of our patients. patients. Sanident has always operated in such a way as to offer an exceptional and specially customized service. That said, the privacy and security of the patient’s personal data are and will always be one of our top priorities. We therefore wish to explain in a transparent manner how and why we collect, store, share and use your personal data, as well as illustrate the controls and choices that you can exercise on when and how to share personal data.
2. Information on the Statement
This Statement discloses the essential details regarding the relationship of the patient’s personal data with Sanident. The provisions of this Notice refer to all Sanident services and any related services (hereinafter “Sanident Service”). The terms governing the use of the Sanident Service are defined in our personalized Care Plans.
Occasionally, we may develop new services or offer additional services. Should the introduction of these new or additional services entail a change in the way in which we collect or process your personal data, additional explanations and terms or conditions will be provided. Unless otherwise specified, when we introduce such new or additional services, they will fall within the scope of this Notice.
The purpose of this Policy is to:
- ensure that patients understand what personal data we collect about them, the reasons we collect and use them, and with whom we share them;
- explain how we use the personal information that the patient shares with us in order to offer an extraordinary experience when using the Sanident service
- illustrate the user’s rights and choices in relation to the personal data we collect and process about it and how we will protect your privacy.
3. Rights and preferences: user choice and control
The user may be aware of the fact that a new EU law, called the “General Data Protection Regulation or” GDPR “(General Data Protection Regulation), grants certain rights to individuals in relation to their personal data. We have therefore implemented additional transparency controls and access to privacy settings to help users enjoy these rights. To the extent that they are available and with the exception of the provisions of current legislation, the rights granted are as follows:
- right of access: the right to be informed and to request access to the personal data processed concerning the user (commonly known as “request for access to the data subject”);
- right of rectification: the right to request the modification or updating of the user’s personal data in the event of inaccuracy or incompleteness;
- right of cancellation: the right to request the definitive cancellation of personal data;
- right of limitation: the right to request that we temporarily or permanently interrupt the processing of all or some of your personal data;
- right of opposition:
- the right to object at any time to the processing of personal data for reasons related to the specific situation of the user;
- the right to object to the processing of personal data for direct marketing purposes;
- data portability right: the right to request a copy of your personal data in electronic format and the right to transmit such personal data for use in the service of others;
- right not to be subject to an automated decision-making process: the right not to be subject to a decision based solely on an automated decision-making process, including on profiling, if the decision has a legal effect on the user or involves an equally significant effect .
To allow the user to easily exercise these rights and to record their preferences in relation to Sanident’s use of personal data, it is possible to request access to the following settings via a specific request to be sent to firstname.lastname@example.org :
- Privacy settings allows you to control some of the categories of personal data we process, to access personal data and includes a link to the specific section where you can get more information on how Sanident uses personal data and what your rights are;
- Notification settings – allows you to choose which communications to receive from Sanident and manage the personal data available.
If we send electronic marketing messages based on the user’s consent or otherwise permitted by current legislation, the user may, at any time, revoke this consent or express his opposition without incurring any cost. Electronic marketing messages received by Sanident (eg those sent by e-mail) will also include a waiver mechanism within the message itself (eg a revocation link in the e-mails we send to users ).
To find out more about the rights relating to the General Data Protection Regulations described above and the control methods we offer to all Sanident users in relation to these rights, consult the section on user rights. For any questions about privacy, rights or how to exercise them, contact our Data Protection Authority by sending an email to email@example.com. We will respond to your requests within a reasonable period of time after verifying the identity of who made the request. In the event of dissatisfaction with the way in which we use personal data, it is also possible to contact the Italian data protection authority or the local data protection authority and to file a complaint.
4. Method of collecting personal data
We collect your personal information in the following ways:
- at the time of completing the personal health card or the collection of anamnestic data for the presentation of Sanident care plans: when the user decides to pay a visit to Sanident, we collect some personal data that allow us to use this service, such as e-mail address, date of birth, sex and country, general health status and the patient’s historical health documents.
- Through the use of the Sanident Service: when using the Sanident service, we collect personal data relating to the use of the service, such as informed consents for health procedures, radiological investigations and clinical and surgical treatments.
- Personal data collected that allows us to provide additional elements / features: from time to time, the user can also provide us with additional personal data or give us permission to collect further personal data, for example to provide him with additional information or features. The data will not be modified without the prior consent of the user. The user will always have the possibility to change his mind and withdraw his consent at any time.
- From third parties: we will receive personal information about you and your business from third parties, including financial partners or clinical and medical institutions we work with to provide the Sanident Service (see the section SHARING YOUR PERSONAL DATA 7 below). We will only use this personal information if you have consented to the sharing of data by third parties or by Sanident, or if Sanident has a legitimate interest in using personal data to provide you with the Sanident Service.
We use anonymous and aggregated information for purposes that include the testing of our IT systems, research, data analysis, the creation of marketing and promotion models, the improvement of the Sanident Service and the development of new features within the Service Sanident.
5. Personal data that is collected
The following tables show the categories of personal data that we collect and use:
Personal data collected when registering for the Sanident Service
|Categories of personal data||Description of the category|
|Registration data of personal health card and patient care plan||This is personal information provided by the patient or collected by us to enable the Sanident Service.
This includes the e-mail address, telephone number, date of birth, gender, postal code and country, general health status and the patient’s historical health records.
The user also has the possibility to provide us with further personal and health data in order to complete the personalized medical history.
For example, for more invasive interventions a more in-depth list of exams to be produced for the preparation for the intervention may be necessary (such as three-dimensional CT Cone-Beam radiological examinations, cardiological examinations, preparatory visits to sedation and anesthesia, specific examinations for control of degenerative and metabolic diseases).
Personal data collected through the use of the Sanident Service
|Categories of personal data||Description of the category|
|Usage data of the Sanident Service||This is the personal data that is collected about you when you use the Sanident Service may be included:
carried out, appointment booking service, receipt also in electronic format of fiscal, asset and income documentation of the patient to obtain on request of the same access to financial services offered by third parties (banks and financial) in order to pay in installments necessary for the care and surgery performed by Sanident doctors.
absorption of ionizing radiation, contraindications or post-intervention recovery difficulties for the patient.
of digital signature acquisition.
Imprints of dental arches obtained through analog casts or digital scanning systems.
or connect to the Website or Sanident Web Applications, unique device IDs, attributes, type of network connection (eg WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information that allow the management of digital rights, operating system and version of the Sanident application.
Personal data collected with your permission that allows us to provide additional elements / features
|Categories of personal data||Description of the category|
|Mobile data provided voluntarily||The user also has the possibility to express his consent to the collection of further personal data from his mobile device so that we can provide elements / features that improve the experience obtained through the Sanident Service on the website or during the use of specific applications .
We will not access the personal data listed below under any circumstances without first obtaining the user’s consent:
|Payment details||The exact personal data collected will vary depending on the payment method (eg direct payment of the services in the clinic or access to the payment plan in installments via financial or bank), but will always include information such as:
upon specific written request from the patient we will provide your personal data to the financial companies and banks that will process the payments to enable them to complete a solvency check and the possibility of agreement of the installment plan.
|Marketing data||This personal data is used to allow Sanident and its partners / service providers to send marketing communications:
To learn more about the personal data collected and the control available to you in relation to the marketing communications that you will receive, you can request by mail at firstname.lastname@example.org
6. Purpose of the use of personal data
When the user uses Sanident services, various technologies are used to process the personal data collected for various reasons.
The following table shows the purposes of the processing of personal data and the relative legal provisions on which we base ourselves to be able to legally process the personal data used for these purposes. (Paragraph 5 “Personal data collected“)
|purpose of processing personal data||Law provisions for processing purposes||Categories of personal data used by Sanident for processing purposes|
|To deliver, customize and improve the Sanident service and other services and products offered by Sanident, for example by providing personalized content, as well as recommendations and advertising (for products and services of the companies of the Sanident group and in compliance with the provisions of health law. )||
|To understand how the user uses Sanident services to ensure functionality and innovate services as well as develop new products and services.||
|To process the payment, in order to prevent or detect fraud, including fraudulent payments and fraudulent use of Sanident services.||
|To communicate with the patient, directly or through one of our partners, to:
by e-mail, sms or by telephone in accordance with the authorizations eventually communicated to us.
|To communicate with the patient for purposes related to the services offered by Sanident.||
7. Sharing of personal data
We have defined the categories of recipients of personal data collected by Sanident Srl.
- Authorities responsible for law enforcement and data protection
We will share your personal information when we believe in good faith that this is necessary to comply with a legal obligation under applicable law or to respond to a valid legal proceeding, such as a search warrant, a court order or a summons in judgment.
We will share your personal information even when we believe it is necessary in good faith for our own or a third party’s purposes relating to national security, law enforcement, litigation or criminal investigations, the protection of any person’s safety or to prevent deaths or imminent injuries, unless we believe that the interests of the patient or his rights and fundamental freedoms that require personal data protection prevail over such interests.
- Other companies of the Sanident group
We will share your personal information with other companies in the Sanident Group to carry out our daily activities and to enable us to manage and provide the services of
- Buyers of our business
Buyers of our business
Sanident will not in any way provide the personal data of its patients to third parties that go beyond the aforementioned.
8. Storage and deletion of data
We keep the personal data of our patients for the time necessary to provide the service and for as long as required by current health regulations.
If requested, we will cancel the patient’s personal data, always in accordance with the current health regulations.
9. Transfer to other countries
Sanident may share patient’s personal data nationally and internationally with other companies in the Sanident Group in order to perform the activities specified in this Notice.
Sanident will ensure that the transfer of personal data always takes place in compliance with applicable privacy laws and always in compliance with the standard contractual clauses approved by the European Commission.
11. Data protection
We are committed to protecting the personal data of our patients. For our servers we adopt advanced technical and organizational measures in the field of information security; however, remember that no system is ever completely secure.
Data relating to minors will always be collected upon the signature of an informed consent form from a parent or legal guardian.
14. Hosting and server infrastructure
The hosting service is provided by:
– Infomaniak Network SA through its proprietary servers.
Server physical location: Switzerland.
– So you Start through proprietary server of the company OVH S.r.l. – Registered office: Via Leopoldo Cicognara, 7 – 20129 Milan (MI) – Italy.
Physical location of servers: France.
15. Changes to the Privacy Statement
We may occasionally make changes to this Policy.
When we make substantial changes, we will notify the patient by e-mail.
Be sure to read these warnings carefully.
Via Settembrini, 6
Sanident Srl is the data controller for the purposes of processing personal data pursuant to this Statement.
See you soon and remember
Your smile is our mission.
Last modification: 11/06/2018