Personal Data Protection

Information about processing of personal data

In the text below, MEDIREX GROUP ACADEMY n. o., residing at Jána Bottu 2, 917 01 Trnava, Company registration No.: 47 242 990, registered in the Companies Register of the Trnava I District Court, Section: Sro, Insert No.: VVS/NO -85/2007 („the Company“), wishes to inform you about processing of your personal data you have provided or that you may provide in the future as follows:

1. Data security

The Company has adopted appropriate technical and organisational measures to protect your personal data. Besides other threats, these measures protect all personal data from loss, manipulation or unauthorised access. The adopted measures are subject to regular inspection and are continually adapted following the latest knowledge on the state of technology. Should we detect a breach in protection of your personal data which could lead to a high risk for your data protection rights, we shall inform you about the event without unnecessary delay within 72 hours of detecting any such breach.

2. Collection and processing of personal data

Personal data is processed in compliance with the applicable legislation in the sphere of personal data protection, in particular the EP and EC  (EU) Regulation 2016/679 on the protection of natural persons when processing personal data and on free movement of such data that repeals the Directive 95/46/EC (General Data Protection Regulation, “GDPR”). Provided data will be processed  in the information system titled LISApp serving to keep the records of patients’ IDs, results of patients’ tests, their long-term archiving and provision of services (any services provided by the Company, namely services in the sphere of healthcare and implementation of contractual relationship. Any personal data you may provide hereunder shall by  processed by the Company solely for the specified purpose.

3. Partners

The Company processes some personal data with the support of its subcontracted intermediaries, who provide administration, operation or service of the respective service provision systems. These partners have been carefully selected and apply suitable technical and organisational provisions to ensure that processing of your data is performed in compliance with the requirements of GDPR while guaranteeing protection of your rights. Our partners must not use the provided personal data for their own or other commercial purposes nor can they provide the data to any third parties. The Company does not provide lists of addresses to any third party (e.g. publishing companies, companies specialising in direct mail etc.).

4. Lawfulness of personal data processing

From the perspective of the purpose of processing your personal data, the processing may be performed (a) without your consent with the purpose of entering into contractual relationship or with the purpose of justified interest of the Company, or (b) with your consent, whereas the form where you enter your personal data states at least the purpose, extent and the duration of data processing.

5. Rights of the data subjects

5.1 In relation to data processing, you may exercise the following rights to which you are entitled:

  1. you may require a confirmation whether the Company processes your personal data and to what extent it does so;
  2. you may  require the Company at any time to correct or amend incomplete or incorrect personal data;
  3. you may require the Company to delete your personal data, provided that the reasons for its processing has ceased to exist, the processing is unauthorised, or it exceedingly infringes in your justified protected interests or the processing is performed based on your consent that has been revoked, however, there may exist other reasons that may prevent immediate deletion of your personal data, e.g. legally regulated deadlines for keeping the data, ongoing procedures, application, exercising or defending of legal claims etc.;
  4. you have the right to require from the Company limitation of processing of your personal data when
      • you deny correctness of the data, and do so for the period of time allowing the Company to verify correctness of the data,
      • processing of your data is unauthorised; however, you reject the deletion and instead you request limitation in usage of your data,
      • the Company does use the data for the intended purpose anymore, however, you still need this data to apply, exercise or defend your legal claims, or
      • you filed a complaint against processing of your data;
  5. you may require the Company to provide you with the data in a structured, commonly used and machine-readable format, as long as the data is processed on the basis of your consent or with the purpose of performing a contract and the processing is carried out using automated procedures.

5.2 Should you believe that the Company has breached the provisions of GDPR when processing your data thus breaching your rights, you may contact the Company’s data protection officer at  dpo@medirexgroupacademy.sk or alternatively, you may file a claim with the relevant data supervising authority.

6. Obtaining and processing of anonymous data

6.1 On the Webpage, the Company uses software for the analysis of web usage; by evaluating this data, the Company obtains important information about users’ preferences that helps the Company to improve the quality of its services. Upon each visit to the Webpage, the following data is specifically recorded in an unlimited manner:

  • anonymous shape of the IP address, which sent the request;
  • data and time of sending the request;
  • the name of the viewed page or file;
  • link of the page, from which you accessed this page;
  • browser and the version of browser that you use;
  • operating system that you use.

6.2 This data is evaluated for statistical purposes, while this is exclusively information that does not enable any association with you as a person (you shall remain anonymous).

6.3 In relation to the above, the so-called cookies are used. Cookie is a small text file that stores your online settings and your web browser downloads it upon the first visit of the Webpage. When the same end device accesses the Webpage next time, the cookie file and the data contained therein will either be sent back to the Webpage that created it or sent to another webpage to which it belongs.

6.4 The Webpage uses the following report with regards to cookies: “Updated cookies are used when accessing this webpage. They serve, e.g. to analyse traffic on this webpage or further improvement of the page by way of anonymous statistics with the purpose of advertising personalisation. By browsing the page, you automatically give consent to the principles of personal data protection and the usage of cookies.”  

6.5 You have previously given us consent to use cookies. Activation of cookies by way of settings of your web browser is also regarded as giving your consent.

6.6 Please note that in order to ensure full functionality of the Webpage, the above legislative limitations do not concern the essential cookies that cannot be deactivated. To deactivate these cookies, your browser shall display an ‘Opt-Out’ cookie so that we can match your decision with your data. Should you decide to use another browser o another PC or should you delete cookies, you will have to deactivate cookies again.

7. Contact details of the data protection officer

The Company has established a person responsible for processing of personal data (Data Protection Officer), to whom you may turn with any questions or concerns related to processing of personal data by the Company. You may reach the Data Protection Officer at dpo@medirexgroupacademy.sk.