The website www.dentatime.com (the “Website”) is owned by “DENTATIME 12 – INDIVIDUAL PRACTICE FOR PRIMARY MEDICAL CARE IN DENTAL MEDICINE” EOOD, EIK 204609328, a commercial company specializing in the provision of dental services, as well as diagnosis, treatment, control, rehabilitation, and monitoring of dental patients, and other similar activities related to comprehensive patient care (the “Company”). The purpose of this Policy is to provide accessible information about how we process personal data in our capacity as a controller, as well as what rights data subjects have with regard to their personal data. The protection of personal data is extremely important to us. The Company strictly follows the principles of minimalism and proportionality, processing only those personal data that are necessary for the provision of services expressly and previously requested by visitors to the Website. This Policy does not apply to the processing of personal data that the Company performs in compliance with its legal obligations, but only to the processing of personal data through the Website. The data is not provided to third parties other than those responsible for the technical maintenance of the Website. This occurs in strictly limited cases. We have taken the necessary steps to ensure that the Website’s system administrators apply the appropriate level of personal data protection.
SOME IMPORTANT TERMS “Personal data” – this is any information that relates to a visitor/user of the Website and which, alone or in combination with other information, can help us identify them; “Data subject” – this is the visitor to the Website. The provisions of this policy apply only to individuals, unless expressly stated otherwise. “Processing of personal data” means any action we perform or may perform with personal data, including, but not limited to, its collection, analysis, or destruction. “Personal data controller” – in relation to the Website, this is the Company. The Company determines the purpose of data processing on one of the grounds provided for by law. The Company also determines the means by which this processing is carried out – for example, the technical infrastructure and applications used for processing. The obligations regarding the security and protection of personal data arise for the Company. “Personal data processor” – this is a third party that processes personal data on behalf of the Company. The Company strictly determines the purpose of the processing and the means by which it is carried out. Such a processor is the company that maintains the functionality of the Website.
COLLECTION AND USE OF PERSONAL DATA The Company collects, uses, stores, and processes personal data that is necessary to provide the services requested through the Website. The Website processes/may process personal data only in the following cases: • When personal data is entered in the contact form; • Through technical means (cookies) that track visits to the Website. The Company’s policy for processing personal data through cookies is set out in a separate document available on the Website.
INFORMATION UNDER ART. 13 OF THE GDPR • Personal data controller and contact details: “DENTATIME 12 – INDIVIDUAL PRACTICE FOR PRIMARY MEDICAL CARE IN DENTAL MEDICINE” EOOD, UIC 204609328, registered office and address of management: Sofia, 39 Prof. Georgi Pavlov St., tel. tel. +359 892 600 602, Emailclinic@dentаtime.com . • Purpose of personal data processing through the Website: in view of the above-mentioned possible cases of personal data processing through the Website, the purposes of the processing are to enable users to receive answers to specific inquiries submitted through the contact form on the Website. • Legal basis for processing: the consent of users to send information via the contact form. The Company hereby informs each user of the Website that they may withdraw their consent at any time, in which case the Company will delete the information it has received from the user through the Website on the basis of that consent. • Third-party recipients of personal data – the company that provides support for the Website – personal data processor. • The Company does not transfer personal data to a third country/territory. • The data that users have sent via the contact form is stored for a period of 6 months.
WHAT PERSONAL DATA DO WE COLLECT THROUGH THE WEBSITE • When a visitor contacts us through the contact form on the Website and provides the relevant data, we process contact details to identify and respond to them – names, email, data entered in the inquiry field.
FOR WHAT PURPOSES AND ON WHAT BASIS DO WE USE PERSONAL DATA The main purposes for which the Company processes personal data are: • To contact visitors to the Website when they have sent us an inquiry;
DISCLOSURE OF PERSONAL DATA The Company does not disclose personal data collected through the Website. Persons responsible for the technical maintenance of the Website may have access to the data as necessary.
PROTECTION OF PERSONAL DATA The Company has taken security measures—including organizational, technical, and physical measures—to protect personal information from loss, theft, and misuse, as well as from unauthorized access, disclosure, alteration, or destruction. All employees of the Company are required to maintain the confidentiality of information and to comply with applicable organizational and technical measures for its protection. Access to data is limited to the principle of necessity for the performance of duties.
RIGHTS IN RELATION TO DATA Visitors to the Website have the following rights, which they may exercise at any time by sending a request to the email address: clinic@dentаtime.com. 9.1. Right to information Visitors to the Website have the right to receive information about important characteristics of the processing of personal data, including, but not limited to, its purpose, duration, and basis, the recipients and categories of recipients of personal data, and others. 9.2. Right of access and/or transfer Within a reasonable time of receiving a request for access to data that we have collected through the Website and have not deleted, we are obliged to provide it to the data subject. At the request of a data subject, we are obliged to provide in a widely used format (docx, pdf, etc.) all personal data processed by us through the Website. 9.3. Right to rectification Visitors to the Website have the right to request that we correct any incorrectly recorded or stored personal data processed through the Website. 9.4. Right to restrict the processing of personal data The data subject has the right to request that we temporarily suspend the processing of personal data (without deleting it) in the event of an objection to its specific processing or in the event of legal claims or a complaint filed by the data subject with the Personal Data Protection Commission. 9.5. Processing based on the legitimate interest of the Company or a third party and objection to such processing The Company does not process personal data through its Website on the basis of legitimate interest. 9.6. Withdrawal of consent The data subject may withdraw their consent at any time. We will delete the data as soon as possible upon receipt of the request. This does not include personal data that is not processed on the basis of consent. 9.7. Right to lodge a complaint with the Personal Data Protection Commission Whenever the data subject considers that their rights under the GDPR have been violated, they may lodge a complaint with the Personal Data Protection Commission. We would appreciate it if you would first contact us at clinic@dentаtime.com to discuss the issue and possible solutions.