PRIVACY POLICY - Clinica Stomatologica Trident

Clinica Stomatologica Trident » PRIVACY POLICY

of the clinicatrident.ro website

We are pleased that you are interested in our products and services and would like to provide you with some key information regarding our approach to protecting your personal data.

Please check this section regularly as the policy may undergo changes or updates. Any significant changes to this policy will be notified.

By using this site you consent to the collection, processing and transfer of your data as described in this privacy policy.

In addition to this notice, please also consult the COOKIE USE POLICY

You can contact us via the details on the contact page for any further information on how we use your data.

Who are we

We, TRIDENT DENTAL SRL („Clinica Trident”), owners of the website clinicatrident.ro, are the first dental clinic that approaches the modern solution of specializing doctors on specific stages of treatment. We have set out to stand out through professionalism and exceptional quality services that are based on a set of values at a high level of exigency. Thus, professionalism defines every service we offer, which is why we pay special attention to protecting your data.

Information about the Trident Clinic

TRIDENT DENTAL SRL has its headquarters in Bucharest, Str. Dr. Louis Pasteur, no. 1A, sector 5, is registered in the Trade Register under no. J40/7330/2003, having fiscal code no. 15479417

Contacts+031.005.09.47|office@clinicatrident.ro| clinicatrident.ro

Where we collect data about you

In general, the personal data we collect is provided by you via email, through this website, dedicated application, social media networks, or during your visits to our clinic.

We may receive data about you from the legal entities that you represent in the relationship with Triden Clinic, in the situation where you have, for example, been designated as a contact person or are its legal representative. In all cases where we receive personal data from a legal entity, it has the obligation to inform you of this.

Occasionally, when we are in the recruitment process, we may collect data about you from specialized online platforms (eJobs, LinkedIn, etc.) or from the CVs you send us.

Also, when you interact with us on social media (ie like, share, comment, reviews, etc.), we will inevitably have access to information about you, especially data that you have made public on your social media profile.

Use of the Website or Mobile Application

By accessing or using any part/function of the clinicatrident.ro website or the mobile application, you agree to accept and comply with the terms, conditions and policies mentioned and/or available via hyperlink, you are at least of legal age according to the laws of Romania or you consent , as the holder of parental responsibility, regarding the use of the website / mobile application by a minor. If you do not accept the terms, conditions and policies set out in this documentation, then you should not continue to access our website and/or use our services.

The content of the clinicatrident.ro website: images, texts, web graphic elements, scripts, software, design rights, model rights, patents, registered trademarks are fully the property of Clinica Triden and are protected by the Law on copyright and related rights and the laws regarding intellectual and industrial property. The use without the consent of the Triden Clinic of any of the elements listed above is punishable, according to the legislation.

The services offered by Clinica Trident are described on the Website, in the „Services” section of the main menu (clinicatrident.ro/servicii). Trident Clinic does not guarantee the availability of these services at any time.

Scheduling a consultation or one of the services available on the website can be done by filling out the Contact Form, available on the contact page. Completing the appointment form does not guarantee the registration of the appointment. An appointment is considered registered only after the Trident Clinic sends a written/telephone confirmation.

How we use personal data

Please find below the purposes for which we process your personal data, the people who have access to your data, and how we store it.

When you contact us through the website or our social media accounts

If you interact with us using the contact details on the contact page or interact with us via social media, we will use your contact details and the data you provide to us to deal with your request.

Personal Data	Name, first name, phone number, email address and any other data you voluntarily submit to us
Legality of processing	We process your data to process the request of the data subject before concluding a contract (Art. 6 / 1 / b GDPR) or in our legitimate interest (Art. 6 / 1 / f GDPR) to answer any question , complaints or recommendations you send us and to improve our services and the experience we offer our customers.
Who we may share your data with	• Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems • Social media platforms: Facebook, Instagram • Regulatory and other government authorities, if required by legal or statutory requirements. We will disclose your personal data only to the extent that it is strictly necessary to ensure the effectiveness of communication.
How long we will store the data	We will not keep in our database communications older than 1 year, from the date of the last interaction. Data transmitted through social media networks will be stored by them according to their own policies.
Where the data is stored	The data recorded through the clinicatrident.ro website will be stored on the servers of the hosting provider, located in the European Union. Data transmitted through social media networks will be stored by them according to their own policies. The data we download locally we will store on our secure, local and cloud Servers

Registering an account in the mobile application (Trident app)

The TRIDENT app, available in the Apple Store (Apple) or the Play Store (Android) is the key to accessing the clinic.

Through the application installed on the mobile device you can follow your treatment plan, communicate with the coordinating doctor, manage costs, pay them, give feedback, make an appointment if necessary, find out information about the doctors who treat you and opt for the ones you want.

You can also quickly refer a loved one who needs dental care. Through the application, you will be able to send a link to the person’s phone, through which they will authenticate to our platform.

Through the Digital Patient Account you will gradually benefit from long-term privileges and occasionally, surprisingly pleasant ones.

We process your personal data for:

• using the Trident application (realizing the patient scheduling process, receiving and identifying patients when they show up for the appointment, and receiving feedback, the dialogue between the patient and the clinic.

• completing contracts;

• sending personalized information/announcements/notifications (only if you opt for this during communications);

• solving problems related to the platform

• customer support services;

• for the transmission of information messages regarding news of interest to patients

• to improve our services;

• defending the legitimate interests of Trident app

• compliance with applicable laws, regulations, legal processes or governmental requests

Personal Data	Name, address, email address, telephone number, date of birth, password, online identifiers (IP)
Sensitive personal and/or demographic data	Any sensitive and/or demographic information that you voluntarily communicate to us in the appointment process such as: gender, citizenship and/or citizenship information, communication of patient medical or health information (conditions, previous treatments, etc.) and/or data of racial, ethnic or religious origin.
Legality of processing	We process your data to process the request of the data subject before concluding a contract (Art. 6 / 1 / b GDPR) We process your data for the execution of a contract – the performance of the medical act established by the specialist doctor (Art. 6 / 1 / b GDPR) We process the data based on your consent (Art. 6 / 1 / a GDPR), for marketing communications We will process the data in legitimate interest if you are our customer and we believe that the information could be of great interest to you (Art. 6 / 1 / f GDPR) We process your data in our legitimate interest (Art. 6 / 1 / f GDPR) to improve our services and the experience we offer to our customers, to evaluate products and to enable other users to learn more about that product To detect, prevent or otherwise address fraud, security breaches or technical problems or to protect us against the infringement of property rights or against the security breach of the Trident application and implicitly the data of the users of our application (Art. 6 / 1 / f GDPR) Special categories of personal data will be processed in order to schedule the patient in order to perform the medical act established by the specialist doctor (Art. 9 / 2 / h GDPR)
Who we may share your data with	Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems Billing and accounting service provider The service provider of integrated communication services and Public Relations Medical PR Agency S.R.L. Regulatory and other government authorities, if required by legal or statutory requirements.
How long we will store the data	We will keep the data registered in your account until you decide to close your account or for 5 years after the last login to the account, in order to be able to follow the evolution of treatments / interventions over time. The data entered in the financial-accounting documents (e.g. invoices, payments made with the card, cash-back payments, etc.) will be kept in the archive for 5 years, starting from the end of the financial year during which they were drawn up, in accordance with the periods of the Accounting Law no. 82/1991 and Order 2634/2015.
Where the data is stored	The data recorded through the TRIDENT APP mobile application will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud Servers

We recommend that you consider the following features when setting passwords:

○ Contain both uppercase and lowercase letters (eg a-z and A-Z).

○ Contain numbers and special characters (eg !@#$%^&*()_+=}{: ” ?><)

○ Contains at least six alphanumeric characters.

○ not a word in any language, jargon, dialect, etc.

○ They are not made on the basis of personal information, surnames, etc.

Making an appointment through the clinicatrident.ro website or by phone

Website visitors have two ways to make an appointment for one of the services offered by our clinic: by phone (031.005.09.33) or through the online appointment form. To register the appointment, we need your data or the patient’s data (if you make the appointment on behalf of a patient, e.g. a minor).Atenție: o programare este considerată a fi înregistrată doar după aceasta a fost confirmată de echipa Trident.

Personal Data	Name, address, email address, telephone number, date of birth, password, online identifiers (IP)
Sensitive personal and/or demographic data	Any sensitive and/or demographic information that you voluntarily communicate to us in the appointment process such as: gender, citizenship and/or citizenship information, communication of patient medical or health information (conditions, previous treatments, etc.) and/or data of racial, ethnic or religious origin.
Legality of processing	We process your data to take steps at the request of the data subject before concluding a contract (Art. 6 / 1 / b GDPR) We process your data for the execution of a contract – the performance of the medical act established by the specialist doctor (Art. 6 / 1 / b GDPR) We will process the data in legitimate interest if you are our customer and we believe that the information could be of great interest to you (Art. 6 / 1 / f GDPR) Special categories of personal data will be processed in order to schedule the patient in order to perform the medical act established by the specialist doctor (Art. 9 / 2 / h GDPR) To detect, prevent or otherwise address fraud, security breaches or technical problems or to protect us against the infringement of property rights or against the security breach of the Trident application and implicitly the data of our website users (Art. 6 / 1 / f GDPR)
Who we may share your data with	Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems The service provider of integrated communication services and Public Relations Medical PR Agency S.R.L. Regulatory and other government authorities, if required by legal or statutory requirements.
How long we will store the data	Medical data will be stored in order to track the evolution of the condition over time. for 100 years according to National Archives Law The data entered in the financial-accounting documents (e.g. invoices, payments made with the card, cash-back payments, etc.) will be kept in the archive for 10 years, starting from the end of the financial year during which they were drawn up, in accordance with the periods of the Accounting Law no. 82/1991 and Order 2634/2015.
Where the data is stored	The data recorded in our scheduling system will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud Servers

Completing a dental treatment and guaranteeing the work

Whenever you use the treatments offered by the Trident clinic, personal information, including medical information, will be recorded in the patient record.

In order for each client of the Trident Clinic to be able to afford treatments at the highest standards, they benefit from alternative payment programs. Thus, beyond the classic methods of payment – cash, card, payment order – installment payment contracts can be concluded, without interest. Moreover, we offer the possibility of direct settlement of dental treatments for private health insurance concluded with BUPA International

Upon completion of the treatment, patients receive a guarantee certificate attesting to both the professionalism and the durability of the quality of the dental process.

Personal Data	Name, email address, phone number, gender, age
Sensitive personal data	Any sensitive information relevant in carrying out the medical act established by the specialist doctor, eg: medical or health information of the patient (conditions, previous treatments, etc.), etc.
Legality of processing	We process your data for the execution of a contract – the performance of the medical act established by the specialist doctor (Art. 6 / 1 / b GDPR) We will process the data in legitimate interest to issue the guarantee certificate (Art. 6 / 1 / f GDPR) Special categories of personal data will be processed in order to schedule the patient in order to perform the medical act established by the specialist doctor (Art. 9 / 2 / h GDPR)
Who we may share your data with	Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems Specialist technicians, specialist doctors Billing and accounting service provider The provider of the card payment system BUPA International private health insurance company Regulatory and other government authorities, if required by legal or statutory requirements.
How long we will store the data	The data entered in the patient file will be stored for 5 years in order to track the evolution of the condition over time. The data entered in the financial-accounting documents (e.g. invoices, card payments, refund payments, etc.) will be kept in the archive for 10 years, starting from the end of the financial year during which they were drawn up, in accordance with the periods of the Accounting Law no. 82/1991 and Order 2634/2015.
Where the data is stored	The data recorded in our data management system will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud Servers

Commercial and marketing communications

We may send you information about our products and the services we offer if you have requested this information (via email, contact page or by subscribing to our newsletter) or if you are already our customer and this information may be of particular interest to you.

If you do not want such commercial communications to your company-designated email address, you can indicate a generic email address (for example, office@company.com) or ask us not to send such information.

Personal Data	Name, email address, phone number
Legality of processing	• We process your data to process at the request of the data subject before concluding a contract (Art. 6 / 1 / b GDPR) • We process the data based on your consent (Art. 6 / 1 / a GDPR), for marketing communications • We will process the data in legitimate interest if you are our customer and we believe that the information could be of great interest to you (Art. 6 / 1/ f GDPR)
Who we may share your data with	• Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems • The service provider of integrated communication services and Public Relations Medical PR Agency S.R.L. • Regulatory and other government authorities, if required by legal or statutory requirements. We will disclose your personal data only to the extent that it is strictly necessary to ensure the effectiveness of communication.
How long we will store the data	• We will not retain communications older than 1 year from the last interaction. • In the case of subscribing to the newsletter, data processing will continue until you request to unsubscribe • In the case of processing carried out in legitimate interest, when you are already our customer, we will continue to process your data for 10 years from the last date you benefited from our services.
Where the data is stored	The data recorded in our data management system will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud Servers

Important:

If you want to stop receiving newsletters or informative materials from clinicatrident.ro, all you have to do is press the „Unsubscribe” button (or send an email stating your desire to unsubscribe, to office@clinicatrident.ro). ro) and you will be unsubscribed from those communications.

When you interact with us through social media or when you share information from the Site

It is the responsibility of clinicatrident.ro and the social media platform (as associated operators), in accordance with community policies, to process the personal identification data shared between us and the social network (for example, cookie ID) when a user of the site- Our website shares information via integrated buttons (links) to social networks

On our website, you can use social plugins (e.g. the „Like” button) from Facebook and Instagram

Personal data	Name, picture, any publicly accessible information in your social media profiles, or voluntarily communicated by you.
Legality of processing	Our legitimate interest (art. 6 / 1 / f of the GDPR) to answer any question, suggestion or complaint you send us and to keep you informed about the news that Clinica Trident launches and which could be of great interest for you
Who we may share your data with	• Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems • Online platforms: Facebook, Instagram • The service provider of integrated communication services and Public Relations Medical PR Agency S.R.L. • Regulatory and other government authorities, if required by legal or statutory requirements. We will disclose your personal data only to the extent that it is strictly necessary to ensure the effectiveness of communication. We have taken all necessary measures to ensure that external service providers who have access to your data have implemented physical, electronic and managerial security measures to protect data.
How long we will store the data	Data transmitted through social media networks will be stored by them according to their own policies.
Where the data is stored	The data is stored on the servers of the social networks, located in the European Union The data we download locally we will store on our secure, local and cloud Servers

Participation in various campaigns/contests/events

clinicatrident.ro wants to increase the loyalty of its customers by organizing campaigns, contests or events dedicated to them.

As a rule, these events, depending on the specifics of each one, benefit from their own regulation or policy. User registration is generally done by entering a valid e-mail address. Customers who will enjoy certain benefits following participation in these events will be asked for additional data to take possession of those benefits.

Personal data	Name, surname, telephone number, e-mail address, city, and CNP (possibly copy of CI) for those who come into possession of the benefits
Legality of processing	We process data based on your consent (Art. 6/1/a GDPR), for marketing communications We will process the data in legitimate interest for your registration in the campaign/competition (Art. 6 / 1 / f GDPR)
Who we may share your data with	• Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems • Billing and accounting service provider • The service provider of integrated communication services and Public Relations Medical PR Agency S.R.L. • Online platforms: Facebook, Instagram • Regulatory and other government authorities, if required by legal or statutory requirements. We will disclose your personal data only to the extent that it is strictly necessary to ensure the effectiveness of communication.
How long we will store the data	The data of participants who were not winners or who did not benefit from certain benefits, will be stored for 12 months after the end of the contest/campaign/event Data transmitted through social media networks will be stored by them according to their own policies The data of the participants declared winners, entered in the financial-accounting documents, will be kept in the archive for 5 years, starting from the end of the financial year during which they were drawn up, in accordance with the periods of Accounting Law no. 82/1991 and Order 2634/2015.
Where the data is stored	The data recorded through the clinicatrident.ro website (or other websites owned and managed by us) will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud ServersDatele transmise prin intermediul rețelelor de social media will be stored by them according to their own policies.

Loyalty cards

clinicatrident.ro wants to increase the loyalty of its customers by offering Trident cards through which customers, who in a period of time have completed treatments above a certain value threshold, are rewarded with certain benefits.

Issuing a Trident card involves, as you would expect, the processing of personal data.

Personal Data	Name, first name, phone number, email address
Legality of processing	We will process the data in legitimate interest for issuing the Trident card (Art. 6 / 1 / f GDPR)
Who we may share your data with	Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems Billing and accounting service provider Regulatory and other government authorities, if required by legal or statutory requirements. We will disclose your personal data only to the extent that it is strictly necessary to ensure the effectiveness of communication.
How long we will store the data	24 months after issuing the card The data of the participants declared winners, entered in the financial-accounting documents, will be kept in the archive for 5 years, starting from the end of the financial year during which they were drawn up, in accordance with the periods of Accounting Law no. 82/1991 and Order 2634/2015.
Where the data is stored	The data recorded in our data management system will be stored on the servers of the hosting provider, located in the European Union. The data we download locally we will store on our secure, local and cloud Servers

Facilitating easy and pleasant navigation on our website

When you access our website, we collect data about you through online identifiers (cookies and IP).

The website automatically collects certain information and stores it in log files.

We use this information to be able to design our website so that we can better adapt to the needs of our users. We may also use your IP address to help diagnose potential malfunctions of our servers and to administer our site, analyze trends, track visitor movements, and gather general demographic information to help identify visitor preferences.

You can find more information about cookies, as well as how to delete cookies and disable tracking by accessing the COOKIE POLICY available on our website.

Personal Data	Internet Protocol (IP), general computer location, device (country level), website viewing history, timestamp, request / action
Legality of processing	We use cookies that make your navigation on our website easy and pleasant, in our legitimate interest (Art. 6 / 1 / f GDPR) Non-essential cookies are not used without your consent (Art. 6 /1 / a GDPR)
Who we may share your data with	Providers of IT services for our company (hosting and data storage) or providers to whom we outsource certain technical support services for our website or providers of customer relationship management systems Google, Facebook, YouTube Regulatory and other government authorities, if required by legal or statutory requirements
How long we will store the data	See COOKIE USE POLICY
Where the data is stored	The data is stored on servers located in the European Union. (eg Google/Facebook servers – Ireland for third-party cookies)

Are the data collected and processed by clinicatrident.ro safe?

We have implemented physical, electronic and managerial security measures to protect and secure the information we collect and process.

But remember that, unfortunately, no data transmission is guaranteed to be 100% secure.

If you suspect a violation of the confidentiality of your data, please contact us immediately at: office@clinicatrident.ro.

Important: After the end of the data retention period, your data will be deleted. If we consider that this data could help us improve the quality of products or services, we will continue using this data only after the irreversible anonymization of this data.

Processing the data of minors

clinicatrident.ro is not intended for and does not knowingly collect information from children under the age of 18 through the site. Access to and use of the site by minors constitutes the implied consent of the legal guardian to the navigation of our site by the dependent minor. Also if we discover that a minor has used our site without the approval of the legal representative, we will delete all personal data about him.

YOUR RIGHTS AS A DATA SUBJECT

As a data subject you have specific legal rights regarding your personal data that we collect and process. clinicatrident.ro respects your rights and ensures that it properly takes your interests into account.

Withdrawal of consent: If the processing is based on your consent, you can withdraw your consent for that processing at any time.

Rectification of data: If you notice that we have incorrect personal data, you can ask us at any time to correct your personal data. We use reasonable efforts to keep personal data – which is used continuously and which is in our possession or control – accurate, complete, current and relevant, based on the most recent information available to us.

Restriction of processing: If you are in one of the situations below, you can ask us to restrict the processing of your data:
dispute the correctness of the personal data for the period in which we have to verify the accuracy,
o the processing is illegal and you request restriction of processing rather than deletion of personal data,
o we no longer need your personal data, but you request it to establish, exercise or defend a right, or
o you object to the processing during the period in which we check whether our legitimate reasons take precedence over your rights.

Access to your data: You can ask us for information about the personal data we hold about you, including information about what categories of data, what it is used for, where we collected it, if it is not collected directly from you and to whom they were disclosed, if applicable. You may obtain a copy from us free of charge containing the personal data we hold about you. We reserve the right to charge a reasonable fee for abusive requests.

• The right to portability: Upon request, we will transfer personal data to another operator, where technically possible, provided that the processing is necessary for the execution of a contract. Rather than receiving a copy of your personal data, you can request that we transfer your data directly to another operator specified by you.

The right to erasure: You can obtain from us the erasure of personal data, if:

– your data are no longer necessary for us in relation to the purposes for which they were processed;

– you object to the further processing of your personal data (see Right to object below);

– personal data were processed illegally;

– you withdraw your consent on the basis of which the processing takes place

Unless the processing is necessary:

in order to fulfill a legal obligation that requires the processing of that data by us;
in particular for legal requirements regarding data retention periods;
for establishing, exercising or defending a right in court.

• The right to object: You can object at any time to the processing of personal data due to your special situation. In this case, we will no longer process the personal data, if we cannot demonstrate well-founded, legitimate reasons and a major interest for the processing or for establishing, exercising or defending a right. When you object to the processing, please state whether you want the deletion of your personal data or the restriction of the processing of such data.

Right to lodge a complaint: In the event of an alleged breach of applicable privacy legislation, you may lodge a complaint with the data protection supervisory authority:

• The National Supervisory Authority for the Processing of Personal Data by completing the online form available at: Complaints ANSPDCP

Very important!

Time frame: We will try to resolve your request within 30 days. However, the period may be extended for reasons related to the specific legal right or the complexity of the request.

Access restriction: In certain situations, we may not be able to grant you access to all or part of your personal data due to restrictions imposed by law. If we refuse your access request, we will tell you the reason for the refusal.

Impossibility of identification: In some cases, we may not be able to identify personal data due to the lack of identifiers provided in the request you submit to us. In such cases, if you do not provide additional information that allows you to be identified, we will not be able to comply with the request to exercise the legal rights as described in this section.

Exercising your legal rights: To exercise your legal rights or for any further information on how we use your data, please contact our Data Protection Officer in writing or by text at office@clinicatrident.ro.

Thank you for reading our privacy notice and we would appreciate it if you could give us your feedback on how we can improve this policy.

Version updated on 06/26/2020