Česky
The purpose of this information is to provide you as a data subject with information about what personal data the hospital collects, for what purposes it is used, and where you can obtain information about your personal data that the hospital processes.
1. WHAT PERSONAL DATA DO WE PROCESS AND FOR HOW LONG?
Multiscan Ltd. processes personal data and sensitive data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, as well as in accordance with national data protection legislation.
We maintain a database of personal and sensitive data of our patients and are the data controller of this data:
Personal data and sensitive data that Multiscan Ltd. obtains and processes in connection with the provision of health services (medical records),
personal data for unambiguous and unmistakable identification,
personal data enabling Multiscan s.r.o. to contact you,
personal data relating to the relationship between Multiscan Ltd. and the patient.
Multiscan s.r.o. processes personal data in the case of compliance with legal obligations for the period of time specified by law; in the case of processing necessary for the performance of a contract, for the period of time necessary to ensure mutual rights and obligations arising from the contract, i.e. always for at least the duration of the contract; in the case of processing based on the consent of the data subject for the period of time specified in the consent or until its revocation. After the end of the period of legitimate processing, Multiscan s.r.o. will cease to process your personal data and will ensure its destruction in accordance with the relevant legal regulations.
2. FOR WHAT PURPOSES AND ON THE BASIS OF WHICH LEGAL TITLES DO WE PROCESS YOUR PERSONAL DATA?
For the purposes of maintaining medical records and other purposes related to the provision of health care, health protection and related activities based on the fulfilment of the legal obligations of the administrator as a health care facility under Act No. 372/2011 Coll., on health services and conditions of their provision, as amended, Act No. 373/2011 Coll., on specific health services, as amended, and other applicable health care legislation.
For the purposes of the implementation of the contractual relationship with the data subject in the provision of health services, i.e. negotiations on the conclusion of the contract or its amendment, the mutual performance of rights and obligations under the contract, as well as the protection of the rights and legally protected interests of the controller (in particular, securing and asserting legal claims under the contract).
For its internal use, primarily to protect our rights and legitimate interests, in particular to evaluate potential risks, to monitor the quality of services and to optimise the services provided.
For commercial and marketing purposes, i.e. in particular to offer additional services unrelated to the service provided, including the dissemination of commercial communications, pursuant to Act No. 480/2004 Coll., on certain information society services, as amended, on the basis of the voluntary consent to the processing of personal data.
In the case of voluntary consent, it is your free choice whether you provide your consent to the extent proposed by us. Multiscan s.r.o. is bound by the scope of the consent provided. The consent given can be withdrawn at any time. In the event that you withdraw your consent, Multiscan s.r.o. is obliged to terminate the processing of your personal data processed on the basis of the consent provided within a reasonable period of time, which corresponds to the technical and administrative possibilities of Multiscan s.r.o. You can give your consent to the processing of personal data to Multiscan s.r.o. again.
3. TO WHOM CAN OR MUST WE PROVIDE YOUR PERSONAL DATA?
To health care institutions, registries, government organizations that enter into the process of registration, treatment, control and contact with the patient;
To our processors who carry out partial or complete processing of personal data for Multiscan Ltd. on the basis of a relevant contract;
State authorities or public authorities in cases where Multiscan s.r.o. is required by law to provide personal data - in particular, state administration authorities, courts, law enforcement authorities, supervisory authorities, bailiffs, notaries, insolvency administrators, etc;
Other entities, if necessary to protect our rights, e.g. insurance companies, courts, bailiffs, auctioneers; the scope of the personal data provided is limited to the data necessary for the successful assertion of a claim;
To other entities, with your consent.
4. WHAT RIGHTS DO YOU HAVE IN RELATION TO THE PROCESSING OF PERSONAL DATA?
You can request information about what personal data Multiscan s.r.o. processes about you, as well as exercise the other rights listed below, at:
Multiscan s.r.o.
Okruhová 1135/44
155 00 Prague 5
or by e-mail: dpo@akesoholding.cz
Contact the Data Protection Officer:
Bc. Michal Voborník
Data Protection Officer (DPO)
dpo@akesoholding.cz
As a data subject, you are entitled to request information as to whether or not personal data concerning you is being processed by Multiscan s.r.o. and, if so, you have the right to access that personal data and information about:
the purpose of the processing of personal data,
the category of personal data concerned,
the recipient or category of recipients of the personal data,
the period for which the personal data will be kept,
the sources of the personal data,
whether automated decision-making, including profiling, is involved
Multiscan s.r.o. will provide you with a first copy of the personal data processed free of charge. For further copies or if the request is manifestly unfounded or unreasonable, Multiscan Ltd. may require payment of the costs associated with providing the information, such as postage costs.
If you have provided personal information to Multiscan Ltd. on the basis of consent, you have the right to:
obtain the personal data you have provided in a structured, commonly used and machine-readable format and the right to transfer that data to another controller,
to have personal data transferred directly from one controller to another controller, where technically feasible.
If you become aware or believe that the processing of your personal data by Multiscan s.r.o. has violated your rights or obligations under the Regulation or national data protection legislation, you may seek redress using any means available to the data subject under applicable law, in particular by asking Multiscan s.r.o. to:
rectification or erasure (destruction) of the personal data (except where the processing is necessary for compliance with a legal obligation), or
restriction (blocking) of processing.
Multiscan s.r.o. will always inform you without undue delay, in any case within one month of receipt of the request, about the processing of your request.
You can send your request to: dpo@akesoholding.cz
You can also contact the Data Protection Authority directly with your suggestions:
Data Protection Authority
Address: Pplk. Sochor 27, 170 00 Prague 7
Tel: 234 665 111, website: www.uoou.cz
5. CHANGES TO YOUR PERSONAL DATA
In order to ensure proper and correct processing, you must notify Multiscan s.r.o. of any changes to your personal data that occur.
