Privacy Policy

Introduction

Privacy Policy

This Privacy Policy determines the use of the websites and services of ‘PRIVATE PRACTICE VASILEIOS SPYROU Medical Single Member P.C’, General Commercial Registry: 153777301000 with the distinctive title «V. SPYROU ΙΚΕ – Acupuncture Institute» located in  125-127 Kifissias Avenue Athens 11524, Greece.

Acupuncture Institute respects your privacy and is committed in ensuring the security and confidentiality of the personal data you provide us with.

The protection of the privacy of our patients is one of the major priorities of Acupuncture Institute. We strictly follow the existing legal framework that ensures the high quality of the services offered. The collection and retention of personal data is carried out for legal and specified purposes and takes place with complete transparency in a confidential manner.  The information gathered must be appropriate, relevant and accurate and it is always used in a confidential manner.

By accepting the Privacy Policy and Terms and Conditions, you acknowledge that you have read and agreed with this Privacy Policy. These terms of privacy policy may be modified, updated as a whole or in part, but the latest version in force, at all times, will always be accessible via the website page of Acupuncture Institute.

Definition of the term “personal data”

The term “personal data” states any information related to identified or identifiable physical persons. An identifiable physical person is someone who can be identified, directly or indirectly, through an ID/passport and information that identifies the physical, physiological, genetic, mental, economic, cultural or social identity of the specified person.

Definition of the term “health data”

The term “health data” includes personal data related to the physical or mental health of a physical person. This regards information about the health condition of that physical person, including the provision of health care services and disclose information related to his/her state of health. Some of these characteristics are the following: physical, genetic, psychological, physiological.

Definition of the term “data processing”

The term “data processing” refers to any operation or set of operations which is performed with or without the use of automated means. This also accounts for manually processed  personal data or  data sets. Such operations could be the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, restriction, erasure or destruction of personal data.
The General Data Protection Regulation (GDPR) applies to the processing of personal data wholly or partly by automated means as well as to non-automated processing, if it is part of a structured filing system.

Definition of the term “Data Controller”

The person responsible for data handling (data controller) determines the purposes and the means by which personal data is processed. The term “Data Controller” designates the natural or legal person, public authority, service or any other entity which, alone or jointly with others, determine the scope and purpose of personal data processing. The purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Personal Data Controller for the Acupuncture Institut is Mr. Vasilis Spyrou.

What categories of data we collect

• Personal details (name, surname, ID card or/and passport number, social Security Number (AMKA), Tax Identification Number, gender, date of birth, nationality.
• Contact details (landline and mobile phone, Postal address, e-mail address, social networking page accounts etc).
• Special categories data related to your physical health either past, current or future including information such as medical history, medical examinations and actions. General information derived during the course of provision of medical services can also be included. Information on disease, disability, risk of disease, medical history, clinical treatment or your physiological or biomedical situation.
• Payment details by either using credit or debit card
• In cases of arrivals from the Greek province or abroad, data on accommodation, dates of arrival and departure.
• Answers to our questionnaires and your overall evaluation regarding the services we provide.
• Any personal data you choose to share with us for the best possible service.

Why do we collect your data

The collection, processing, use and storage of your personal data is carried out for the fulfillment of the following purposes:

• To provide the best possible health services.
• For the observance and fulfillment of our contractual obligations.
• For information and advertising use after your consent has been secured.
• In compliance with the provisions in force, the legal framework governing health facilities and the Applicable Law.
• To fulfill your information requests and to remember your preferences and registration information.
• To measure and obtain data for administrative and communication purposes in order to operate and improve the effectiveness of our services and of our Website.

Rights

Your rights regarding your personal data that we process are as follows:

• You can withdraw your consent to the use of your data for advertising or information purposes at any time you wish.
• Ask for information about the type of processing that your data has been subject
• You may request to change, correct or update your data when deemed necessary.
• Complete and definitive deletion of your data from our records can be requested by you.
• You can request a copy of all or part of your personal data in a commonly used and machine-readable format.

You may also address your complaints and concerns about the use and protection of your personal data with the responsible Personal Data Protection Authority.

Definition of the term “Data Protection Officer”

The Data Protection Officer (DPO) ensures that the processing is carried out in accordance with the General Data Protection Regulation and mediates between the various stakeholders (e.g. supervisory authorities, data subjects).

Mr. Vasilis Spyrou is responsible for the protection of personal data for the Acupuncture Institute.

Data and information security safeguards

The Acupuncture Institute has adopted and applied all appropriate technical and organizational measures in order to secure processing of personal data so accidental loss or destruction of them can be prevented. It also ensures the prevention of illegal access, use, modification or disclosure by third parties. It is responsible for compliance in the collection, processing and secure maintenance of personal data, under the provisions of national, European and international law in connection with the individual’s protection against the processing of its personal data, always taking into account the provisions of the General Regulation on Data Protection. It should be noted that the way the internet works and the fact that it is free to anyone does not allow guarantees that unauthorized third parties will never be able to violate the applicable technical measures and access your data for unauthorized purposes.

Cookies’ Policy

The website of the Acupuncture Institute uses “cookies”.

Cookies are small, often encrypted text files, located in browser directories. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user friendly, more efficient and more secure. They usually describe your data in order to “remember” you during the next visit to the same site later.

Cookies may come from the website we have visited or from someone else (third-party cookies), for example through advertisements. They collect statistics on browsing activities, but they do not identify you as an individual.

Contact Form

If you send us questions using our contact form, your personal details from the question form, including the contact information you provided there, will be stored by us for the purposes of processing the question and in case of subsequent questions. We will not transmit this data without your consent.

The processing of the data entered in the contact form is done exclusively based on your consent. You can revoke this consent at any time. All you need to do is send us an e-mail. The legality of the data processing work carried out before the recall remains unaffected by the recall.

The data you entered in the contact form will remain with us until you request a deletion and revoke your consent for storage. Standard legal provisions – especially retention periods – remain unaffected.

Jurisdiction

It is expressly agreed that the Courts of Athens applying Greek law will be solely responsible for resolving any dispute, claim, interpretation or dispute arising out of or relating to the Terms of this Privacy Policy.

Communication

In order to exercise these rights, to express any inquiry or complaint and to evaluate our Privacy Policy, you may contact the Personal Data Protection Officer (Mr. Vasilios Spyrou) at contact [at] orasisac.com or send your inquiries by mail to Acupuncture Institute 125-127 Kifissias Avenue Office 536-538, Athens P.C. 11524 Greece.