In order to provide proper medical care, we record your contact details and medical data. We do this in line with the provisions on the medical treatment agreement (WGBO) and the General Data Protection Regulation (GDPR). We only use your data for the provision of medical care and the associated administration and protect your data well against infringement by third parties and will never share this with third parties without your permission. We keep your data for as long as necessary for the provision of our care (maximum six months) and as long as the law requires us to keep your data. After this period we will delete your data.
If data has been obtained with permission, you have the right to withdraw this permission. You can contact us for this via the information provided on our website.
Our employees only consult your data if this is necessary for the performance of their duties. Camera images are recorded for your and our safety. These images will be deleted after one month.
If – despite our precautions and due care – it should happen that third parties gain unauthorized access to your data, we will report this to the Dutch Data Protection Authority.
1.2 WHAT DOES SKINTOLOGY USE MEDICAL AND PERSONAL DATA FOR?
– We process health data in your medical record in order to provide you with high-quality care and to comply with legal obligations;
– Photos are a necessary tool to follow the treatment process, to assess the results or to decide how to proceed with further treatment. Photos are added to your medical file but only taken with your permission;
– Prior to making a consultation appointment, we may ask you to first send photos of the area to be treated, so that you know whether treatment is possible without unnecessary loss of your (travel) time.
– We keep track of your contact history. We see in your medical file what the contact was about, when the contact was made and with whom;
– We need to determine your age in order to comply with the code of conduct of the NVPC (Dutch Association for Plastic Surgery) and the NVCG (Dutch Association of Cosmetic Medicine).
1.3 SECURITY AND METHOD OF RETENTION
If you do not (yet) make a consultation appointment, we will keep your contact details for 6 months. In case you need us later. Every six months we check your medical and contact details to see if they are still in order.
No indication yet
If you do not yet have an indication to undergo treatment during the consultation, we can keep your data for 2 years. We are happy to help you if you do have an indication within the period of 2 years.
No treatment agreement
If you cancel your treatment or if you cannot be treated, we will delete your data after 4 months.
We make backups of the (special) personal data in order to be able to restore them in the event of physical or technical incidents. Please note that after we have changed or deleted your data at your request, it may be that this data may still be present in our backups for some time, until those backups are also deleted after 3 months. To secure your backup data, we have a username and password policy.
2. YOUR RIGHTS
You have the right to inspect your data. If it appears that data about you is incorrect, you have the right to have it corrected or removed by us. It may happen that it is not possible to (fully) comply with a request (for example, if your inspection leads to an infringement of the privacy of others). If you would like to view your data, please contact our Data Protection Officer at email@example.com. We will provide you with a response within 1 month of a request.
If you have any complaints or compliments about the way we handle your data, please contact our Data Protection Officer. If you cannot come to an agreement with our Data Protection Officer, you have the right to submit a complaint to the Dutch Data Protection Authority.