ONCOLOGY PATIENT SUPPORT COMPANY PC, Anastaseos 23, Cholargos, Attica
The primary objective of this policy is to provide general guidelines for the protection of Personal Data (collection, use, disclosure, monitoring, etc.) of the Company, CureCancer – mycancer.gr , Anastaseos 23, Cholargos, Attiki, https://mycancer.gr/ , email: email@example.com .
1. PURPOSE OF THIS POLICY
This policy explains how CureCancer - mycancer.gr , 23 Anastaseos, Cholargos, Attiki (hereinafter referred to as the Company) may collect information about its users, Patients, Doctors and Stores, and use it to satisfy customer and regulatory requirements.
It also describes some of the security measures the company takes to protect data privacy and provides certain guarantees about things the Company will not do.
In any case, the Company, following the initiative of Patients, Doctors and Stores for the use of its services, stores this data on the Platform as a provider of hosting services without having the possibility to intervene in them. The Platform has no involvement or influence or control over the Patient's posts, over the content of the Medical History or Treatment Plan as well as over the settings of his Account. However, the services provided by the Platform are exclusively automated and technically neutral, while the data is kept encrypted.
2. LEGAL AND REGULATORY FRAMEWORK
The management and protection of the personal data of the visitor/user of the Company's services is subject to the conditions of this section as well as the relevant provisions of the Greek law (Law 2472/1997) on the protection of the individual from the protection of personal data as it has supplemented by the decisions of the President of the Personal Data Protection Committee, Presidential Decrees 207/1998 and 79/2000 and Article 8 of Law 2819/2000), the new Greek Law 4624/2019 and the new European General Data Protection Regulation Data ( GDPR : 2016/679 of the European Parliament and of the Council of April 27, 2016, http :// eur - lex . europa . eu / legal - content / EL / TXT / HTML /? uri = CELEX :32016 R 0679& from = EN ).
The present conditions are formulated taking into account both the rapid development of technology and in particular the Internet and the existing - although not fully developed - network of legal regulations regarding these issues.
In this context, any possible relevant regulation will be the subject of this section.
In any case, the Company reserves the right to change the terms of protection of personal data by informing visitors/users within the existing or potential legal framework.
If a visitor/user does not agree with the personal data protection conditions provided for in this section, he/she must not use the Company's services.
The Company considers the protection of customer privacy and data to be of the utmost importance and is committed to providing all users , Patients and Doctors, and Stores with personalized services that meet their requirements and in a way that ensures their privacy .
4. COLLECTION AND PROCESSING OF PERSONAL INFORMATION
The Company manages and processes your personal data in full compliance with the relevant articles of the GDPR (5, 6, 7, 8, 9, 10, 11, etc.).
Especially for article 5 (Principles governing the processing of personal data) the Company takes appropriate measures to ensure that personal data:
- a) are lawfully and legitimately processed in a transparent manner in relation to the data subject ("lawfulness, objectivity and transparency"),
- b) are collected for specified, express and lawful purposes and are not further processed in a manner incompatible with those purposes; further processing for archiving purposes in the public interest or for scientific or historical research or statistical purposes is not considered incompatible with the original purposes in accordance with Article 89(1) ("purpose limitation"),
- c) are appropriate, relevant and limited to what is necessary for the purposes for which they are processed ("data minimization"),
- d) are accurate and, when necessary, updated. All reasonable steps are taken to immediately delete or correct personal data that is inaccurate, in relation to the purposes of the processing ("accuracy"),
- e) are kept in a form that allows the identification of the data subjects only for the period necessary for the purposes of the processing of the personal data; the personal data may be stored for longer periods, as long as the personal data will be processed only for archiving purposes in the public interest, for the purposes of scientific or historical research or for statistical purposes, in accordance with article 89 paragraph 1 and as long as the appropriate technical and organizational measures required by this regulation are applied to ensure the rights and freedoms of the subject of data ("restriction of storage period"),
- f) are processed in a way that guarantees the appropriate security of personal data, including their protection against unauthorized or illegal processing and accidental loss, destruction or damage, using appropriate technical or organizational measures ("integrity and confidentiality" ).
Some of the personal information that the Company holds about you may be sensitive personal data within the meaning of the Data Protection Act and other relevant laws.
The Company may collect personal information about you from various sources, including:
(a) by you when you agree to take a service from our Company and in this case it may include your personal and/or business contact details and your consent;
(b) by you when you contact our company with a request for information, and
(c) from publicly available sources.
5. TYPES OF PERSONAL DATA WE COLLECT
When you interact with the Company, we will ask you for or receive data with your consent, such as:
- Your name,
- Your email address,
- Your phone number,
- Your social media profile,
- your gender,
- your age,
- Information about the products and services you have purchased;
- Your use and activities on the Company's pages and
- Other information related to your online behavior.
Absolutely necessary data, which are relevant, convenient and necessary for requesting and receiving the services offered by the Platform are:
- to create a Patient account:
Name and surname
password _ _
time zone (automatically applied)
Patients are advised not to use their real information to create a username or to use a pseudonym as this information will be visible during their participation in the Forum (unless they select the privacy setting setting - which allows them to post anonymously on the Forum ).
- for the use of the services by the Patient:
The Patient has the possibility to create his Medical File within the platform and give access to it to his Doctor, as follows:
(a) Patient Medical History , in which he posts information and details about his medical history.
(b) Treatment Plan , in which he posts his treatments, symptoms and appointments with doctors.
(c) In the special section for posting their Personal Notes including any photos of their symptoms (e.g. dermatological) and/or uploading their examinations (images and/or comments) for storage
(d) Posting content on the Platform's Forum related to the Platform's subject matter in order to exchange opinions and experiences with other registered Patients who wish to post public content on the Platform.
(e) Addition of Medications to the Treatment Plan
(g) Adjustments to the frequency of medication intake and treatment sessions
(h) Reminders for medication doses and therapy session appointments
- a) Customization so that their posts on the Forum are completely anonymous, i.e. not even the username they use is displayed
- b) Adjustment so that their Personal Notes are also visible to Doctors who will gain access to their Account or secret
The Patient controls himself and can freely choose his privacy settings as well as modify them at any time.
- to create a Doctor account:
The Doctor registers on the Platform on his own initiative. The Doctor / Health Professional may, with his own consent, send his details to the Company and be registered by the Company. For the purpose of his Registration, he registers himself or after his consent, the Company, the following information:
Name and surname
time zone (automatically applied)
Also, optionally, after the double opt in the Doctor can fill in: Specialty, Degrees, country and city of the Doctor, photo, office address, short CV and website, aiming to be featured on the Health Professionals List.
- to create a Store account:
The Store sends its details to the Platform, by email, and they are posted by the Company manager for this Store registration activity. Next, the Store approves the post regarding its profile and information, along with a brief description of its products.
- Your IP address ,
- Your cookie ID,
- Your browser,
- Your location,
- The web pages you visit on our websites,
- The ads you see or click on.
6. INTELLECTUAL AND INDUSTRIAL PROPERTY RIGHTS
Apart from the expressly mentioned exceptions (copyrights of third parties, partners and entities), all the content of the Company, including images, graphics, photos, plans, texts, the services provided and generally all the files of this website (site), are intellectual property , registered trademarks and service marks of the Company and are protected according to the relevant provisions of Greek law, European law and international conventions.
Consequently, none of them may be sold, copied, modified, reproduced, republished or 'downloaded' (downloaded ) , transmitted or distributed in any way, in whole or in part.
7. USE OF INFORMATION
The information you provide to the Company or the Company holds will be used by the Company to:
(a) Verifying your identity when you ask questions;
(b) To contact you about improving the management of the services and products provided by the company in the past, now or in the future;
(c) To carry out marketing analysis and the creation of statistical information;
(d) Preventing and detecting fraud or loss, and
(e) To contact you, by any means (including mail, email, telephone, etc.) about other services and products offered by the company.
8. CREDIT CHECK
The Company, in some cases, may do certain credit checks with the relevant agencies when you apply to get a service or product. If this is the case, then it will be expressly stated in the terms and conditions of the business between you and the Company.
9. DISCLOSURE OF INFORMATION
Under no circumstances does our Company sell your personal information to third parties (Article 11 of Law 2472/1997) and in accordance with the new European General Data Protection Regulation ( GDPR : 2016/679 of the European Parliament and the Council of April 27, 2016.
In no case does it sell or rent your personal data to third parties.
These data are used by our Company to continuously improve your service.
The Company may disclose information only if legally required for legal or regulatory purposes, in the context of legal proceedings or potential legal proceedings.
10. PROTECTION OF INFORMATION
The Company maintains strict security and control measures to protect your personal information.
This includes, in accordance with the GDPR (Articles 5, 28, 30, 32, 33, 34, 40, 55 – 58, etc.) a set of administrative measures, security policies, procedures and practices to verify your identity when you call us , encrypting data on our websites and files, creating appropriate data backups, etc., in order to ensure compliance with all applicable legal requirements.
We have taken measures so that your personal data is kept on our behalf by third parties ( Amazon Web Services https :// aws . amazon . com / privacy /? nc 1= f _ pr ) to be observed according to European Legislation. and we ensure that the same security standards are met.
We share your personal data with your consent or as required by law, to complete a transaction or provide a product you have requested or authorized. We share data to perform a contract with suppliers or carriers working on our behalf, where required by law or to respond to legal process, to protect life, to keep our products safe, and to protect of our Company's rights or property.
11. INTERNET ACCESS
If you contact the Company over the Internet, if you give us consent, then we will occasionally use e - mail to communicate with you about our services and products.
You should be aware that communications over the Internet, such as e-mails, etc., are not secure unless they are encrypted.
The company is not responsible for any unauthorized access or loss of your personal information that is beyond the control of the company.
We may use ' cookies ' to track the user's movement of our Company's website.
browser settings to prevent cookies from being accepted .
However, rejecting cookies may affect your ability to use any of the products and/or services on our Company website.
12. MONITORING OF COMMUNICATIONS
All of the Company's communications with you (including telephone conversations, etc.) may be monitored and recorded by the Company for security, quality assurance, and legal, regulatory and educational purposes, in which case you will be notified upon initiation of the communication .
13. WHAT ARE YOUR RIGHTS?
In accordance with Law 2472/97, and the new European General Data Protection Regulation ( GDPR : 2016/679 of the European Parliament and of the Council of April 27, 2016, as applicable), you have the right to information, access, deletion, portability, rectification and objection ( articles 15 – 22 of the GDPR ) . That is, you have the right to receive, upon request, free information about the stored personal data concerning you. Furthermore, you have the right to present, upon request, objections to the processing of the data concerning you, with effect for the future.In addition, you have, in accordance with the legal provisions, the right to correct and delete said data.
You can exercise, as the case may be, the following rights:
- the right of access , to find out which of your data we are processing, for what purpose and the recipients thereof ( GDPR Article 15 'Right of access of the data subject')
- the right to rectification , to correct any deficiencies or inaccuracies of your data ( GDPR Article 16 'Right to rectification')
- the right to erasure (right to be forgotten), to delete your personal data from our records, but if their processing is no longer necessary (GDPR Article 17 'Right to erasure ("right to be forgotten")
- the right to restrict processing , in case of questioning the accuracy of your data ( GDPR Article 18 'Right to restrict processing')
- the right to be informed of any correction or deletion of personal data or restriction of data processing carried out in accordance with Article 16, Article 17 paragraph 1 and Article 18 (GDPR Article 19 Obligation to notify regarding the correction or deletion of personal data or restriction of processing')
- the right to portability , to receive your data in a structured and commonly used format ( GDPR Article 20 'Right to data portability')
- the right to object , in particular if you do not wish your data to be used for the purposes of direct marketing of our products and services, including objecting to profiling ( GDPR Article 21 'Right to object' and GDPR Article 22 'Automated individual decision-making, including of profiling').
To exercise your rights, please send a request to: firstname.lastname@example.org .
The Company undertakes to provide you, as far as is technically possible, automated means for exercising your rights and to proceed with the satisfaction of your requests in principle free of charge, unless your requests are repeated frequently and due to volume they have administrative costs for us, with the which you will incur.
The company will make every effort to respond to any of your related requests within thirty (30) days of receipt. However, in the event that, due to the complexity of your request or the volume of information, it is not possible to satisfy your request within thirty days, the Company will inform you within the above period in writing of the reasons for the delay and will make every effort to the satisfaction of your request as soon as possible and in any case within two additional months.
In any case, you have the right to submit a complaint to the Personal Data Protection Authority, which may also accept the submission of relevant complaints either in written form in the protocol (Kifissias 1-3, P.O. 115 23, Athens) or electronically ( www.dpa.gr ).
In case you have given your consent to receive the newsletter , you can withdraw it at any time, you can send your request to the address: email@example.com , as well as with every newsletter you receive.
14. SOCIAL PLUGINS – BUTTONS
Our company uses our website Social Plugins (hereinafter "buttons") of social networks, such as Facebook , Twitter and Linkedin .
When you visit our website, these buttons are normally disabled, that is, they do not send data to social networks without your active participation. To use these buttons, you must activate them by clicking with the mouse. After activation, a direct connection is created with the server of the respective social network.
If you are a member of a social network and do not want the data collected when you visit our website to be associated with your data stored in the social network, you must log out of the respective social network before activating the buttons.
We have no control over the amount of data social networks process through their buttons. Information about the purpose and volume of data collection, the individual processing and use of data by the social networks, as well as your rights and set-up options regarding data protection can be found in the social networks' data protection statements [specifically you can read the cookie and data protection policy for Facebook: https :// el - gr . Facebook . com / policies / cookies / and https :// www . Facebook . com / policy . php , for the Twitter : https://twitter.com/en/privacy and https://help.twitter.com/en/rules-and-policies/twitter-cookies and for LinkedIn https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/legal/cookie-policy ].
15. GOVERNING LAW AND OTHER TERMS
Last update and modification of this protection policy: 17.02.2021 … …. / 09/2022.
The above terms and conditions of use of the Company, as well as any modification, change or alteration thereof, are governed and supplemented by Greek law, European Union law and the relevant international treaties.
Any provision of the above terms that becomes contrary to the law, automatically ceases to be valid and is removed from this, without in any way affecting the validity of the other terms.
This constitutes the overall agreement between the Company and the visitor / user of its pages and services and binds only them.
No modification of these terms shall be considered and shall not form a part of this agreement unless made in writing and incorporated herein.
16. COOKIES POLICY