en

Privacy Policy

Last updated: 1 October 2019

UAB DANTŲ HARMONIJA – DENTAL HARMONY (hereinafter referred to as the Clinic) is the controller of the personal data processed therein, and ensures that personal data are processed at the Clinic in compliance with the personal data protection requirements applicable to data controllers. This Privacy Policy is applicable in cases where you provide us with your personal data through the https://dantuharmonija.lt/en/ website (hereinafter referred to as the Website).

In this Privacy Policy, we describe how we collect, use and manage your data when you use our Website. By using the Website, you consent to the collection and use of information in accordance with this Privacy Policy.

Please note that this Privacy Policy is only applicable to this Website. This Website may contain links to other websites that are not operated or controlled by us. Links on this Website do not mean that we have reviewed or endorse these third party websites.

The data protection policy has been drawn up in accordance with the following legislation:
  1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation; hereinafter referred to as the GDPR);
  2. Republic of Lithuania Law on Legal Protection of Personal Data (hereinafter referred to as the LLPPD);
  3. Republic of Lithuania Law on Electronic Communications (hereinafter referred to as the LEC). When processing personal data, the Clinic complies with the GDPR, the LLPPD and the LEC, as well as the requirements established in other legislation regulating the processing and protection of personal data.
Information about the Clinic:

UAB DANTŲ HARMONIJA – DENTAL HARMONY
Legal entity code: 300918748
Office address: Kalvarijų str. 21-6A, Vilnius
Business address: Olimpiečių str. 1A-9, Vilnius

E-mail: klinika@dantuharmonija.lt
Tel. +370 610 11 222, +370 5 27 222 11

Home

Information about the Clinic’s data protection officer:

No data protection officer has been appointed at the Clinic.

What information do we collect about you?

We collect and use the following information:

  1. Personal data. When you use our Website, we may collect certain personal information about you (hereinafter referred to as Personal Data), i.e. when you voluntarily provide such information, such as when you use certain services of ours, contact us through an enquiry form, etc. When we collect Personal Data, we provide a link to this Privacy Policy.
  2. Usage data. We may also collect information that your browser provides when you visit the Website or access the Website via a mobile device (hereinafter referred to as Usage Data). 

    This may include information related to your IP (Internet Protocol) address, browser and device type, information about which websites you visited previously, and other identifiers related to your device.
    When you use the Website on a mobile device, Usage Data may include information such as the type of mobile device used, the unique ID of the mobile device, the IP address of the mobile device, the operating system, the type of web browser used, the unique identifier of the device and other diagnostic data.
    Please note that this information, which is collected passively using various technologies, cannot be used to specifically identify you. This Website may use this information and combine it with other information in order to monitor, for example, the total number of visitors to the Website, the number of visitors to each page of the Website, and so on.

  3. Cookie data. The Website uses cookies to allow us to monitor the activities of the Website and store certain information. For more information, see our Cookie Policy on the Website.
For what purposes are your personal data collected?

The Clinic processes your Personal Data, as a data subject, for the following purposes:

  1. For the purpose of registration on the Website;
  2. For the purpose of completing the health questionnaire;
  3. For direct marketing purposes.

We use personal data for the various purposes described in this Privacy Policy. If you provide Personal Data for a specific purpose, then we may use these data based on the purpose for which the data were provided. For example, if you contact us by e-mail, we use the Personal Data you provide to answer your question or solve your problem. If you provide Personal Data in order to use certain services on the Website, we will use your Personal Data to provide you with access to these services and to monitor your use of these services. Along with our subsidiaries and affiliates (hereinafter referred to as Affiliates), we may also use your Personal Data and other non-identifying information collected through the Website to help us improve the content and functionality of the Website, better understand our users, and improve our services. We and our Affiliates may use this information in communicating with you about the provision of services.

What are the bases for the lawful processing of the Personal Data you provide?

The Personal Data you provide are only processed according to the criteria (bases) for the lawful processing of personal data established in legislation, and only for the purposes for which the data were obtained. Your Personal Data can only be processed with a legal basis, i.e.:

  1. In order to take steps at the request of the data subject prior to entering into a contract (GDPR Article 6(1)(b)), where Personal Data are processed for the purposes of registration on the Website;
  2. In order to provide health care services (GDPR Article 9(2)(h)), where Personal Data are processed for the purpose of completing a health questionnaire, i.e. when you provide us with your health data;
  3. On the basis of your consent (GDPR Article 6(1)(a)), where personal data are processed for direct marketing purposes.
What Personal Data do we process?

For the purpose of registration on the Website, the following Personal Data are collected and processed:

  1. Mandatory data: Name, surname;
    Date of birth;
    Telephone number;
    Postal address.
  2. At the initiative of the person filling out the registration form, the following optional data may be provided: Other contact details;
    Other information. For the purposes of completing the health questionnaire, your relevant health data obtained after you complete the health questionnaire via the Website are collected and processed.
For the purpose of direct marketing, the following Personal Data are collected and processed:
  1. Name, surname
  2. Postal address
  3. Telephone number
Do you have to provide us with Personal Data?

Please be informed that if you would like to register on the Website or for us to send you direct marketing messages, you must provide us with the above Personal Data.

How long will the Personal Data you provide be retained?

The Clinic shall store your data to the extent required by the legislation regulating the Clinic’s activities. In cases where no time frames are established in legislation, the Personal Data that you provide through the Website shall be retained:

  1. for direct marketing purposes – for five (5) years from the date of giving consent or until the date of withdrawal of consent;
  2. in other cases (when the data retention period is not established in legislation) – for three (3) years from the day of your last visit to or last correspondence with the Clinic. Who do we provide your Personal Data to?

Information that you provide to us, including Personal Data, may be transferred to computers located outside of your jurisdiction, where data protection laws may differ from those in your jurisdiction. If you are outside the Republic of Lithuania, please note that we transfer these data to Lithuania and process it here. By voluntarily providing us with Personal Data, you consent to its use in accordance with this Privacy Policy.

Please be informed that we will not share your Personal Data with others without your permission, except in the following cases:
  1. Service providers
    For the processing of Personal Data, the Clinic has the right to use data processors who process data on behalf of the Clinic, such as cloud computing, server rental and related service companies that store your personal data, as well as IT maintenance companies that may have access to your personal data, companies providing marketing services, and so on. Such data processors act exclusively in accordance with the Clinic’s instructions and legislative requirements.
  2. Affiliates
    We may also share Personal Data with Affiliates for purposes consistent with this Privacy Policy.
  3. Business transfer
    As we develop our business, we may buy or sell a business or property. In the event of the Clinic’s sale, merger, reorganisation, liquidation or similar event, Personal Data may be part of the property being sold.
  4. Legal requirements
    We may disclose your information to third parties if we establish that this disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse against us or our users; or (d) protect our proprietary rights.

The Clinic shall not transfer your personal data to third countries or international organisations, i.e. those outside the European Union, except in cases where it is obliged to do so by legislation or courts, or where this is necessary for the implementation of one of the purposes specified in this Policy.

European Union requirements

When submitting your Personal Data through our Website and in accordance with the GDPR, you have the following rights:

  1. the right of information about processing;
  2. the right to obtain access to personal data, including the right to a copy of the personal data;
  3. the right to rectification of your personal data if they are inaccurate;
  4. the right to obtain the erasure of personal data (“right to be forgotten”);
  5. the right to request restriction of the processing of your personal data;
  6. the right to data portability;*
  7. the right to object to processing.*

*This right can only be exercised in cases where your Personal Data are processed at the Clinic for direct marketing purposes.

Please be informed that if you do not agree with the Clinic’s decision on a request you have submitted related to the exercise of your rights as a data subject, you have the right to lodge a complaint with the State Data Protection Inspectorate (for more information, see: https://vdai.lrv.lt/).

You also have the right to withdraw your consent (if you have given it) to process your Personal Data at any time. You can withdraw your consent at any time by e-mailing a request to be removed from our mailing list to klinika@dantuharmonija.lt. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

In order to be able to exercise the rights mentioned above, you must submit a request to us in writing and in a way that allows us to identify you, i.e. by confirming your identity. Requests for the exercise of GDPR rights where it is not possible to determine the identity of the person making the request shall not be examined at the Clinic.

All notifications related to the processing of personal data are to be submitted:
  1. By e-mail: klinika@dantuharmonija.lt;
  2. In person at the Clinic: Olimpiečių str. 1A-9, Vilnius.
  3. By post: Olimpiečių g. 1A-9, 09235 Vilnius.

Your requests regarding the exercise of your rights established by the GDPR shall be examined within one month. Depending on the complexity of the request and number of requests received, this period may be extended for another two months.

Requirements for written requests:
  1. the request must be legible;
  2. the request must be signed;
  3. the request must include your full name, place of residence, and contact information for communication;
  4. the request must specify the right you wish to exercise and, where applicable, arguments or documents supporting the request;
  5. if the request is being submitted by a representative on your behalf, the request must include not only the above data, but also the name of your representative:
  6. the representative’s full name, place of residence, and contact information for communication.
Identity verification methods:
  1. When submitting a request in person at the Clinic: by presenting an identity document to the Clinic employee;
  2. When submitting a request by post: the request must be accompanied by a copy of your identity document certified by a notary, or a copy of this document certified in another manner established by legislation;
  3. When submitting a request by e-mail: requests submitted in this way must be signed with a qualified electronic signature or formed by electronic means that ensure the integrity and immutability of the text (except for cases where you are withdrawing your consent to process personal data in accordance with the procedure set forth in this Policy).

Signing the request with a qualified electronic signature allows the Clinic to properly identify you and ensure that the information you requested or the information about the execution/refusal of the actions you is only disclosed to the person for whom it is intended, i.e. to you.

Scanned copies of signed requests or complaints submitted by e-mail without signing them with a qualified electronic signature do not comply with legislative requirements. Submitting a request in this way may be an obstacle to accepting your request for examination, so if you do not have a qualified electronic signature, you should submit the request by post or come to the Clinic in person.

When submitting a request through a representative, the request must be accompanied by a document confirming the representation or a copy thereof, approved in the manner established by legislation.

Amendments

From time to time, we may amend or supplement the terms and conditions of this Privacy Policy. The Clinic shall announce and amendments on the Website.

We recommend reviewing this Privacy Policy periodically regarding any amendments that may have been made. This Privacy Policy was last updated on the date indicated above. If you continue to use the Website after any amendments or revisions to this Privacy Policy, you shall be deemed to consent to the terms and conditions of the updated Privacy Policy.