Privacy Policy
1. General
The company “NOVIMED LIMITED COMPANY“, with the distinctive title “NOVIMED“, which is seated in Athens, at 2-4, Mesogeion Avenue, P.C. 11527, holder of the T.I.N. 802164575 and registered with the FAE ATHENS Fiscal Service under GCR no. 171260901000 (hereinafter the “Company“) respects and protects your privacy and your personal data. This Privacy Policy (hereinafter “Privacy Policy“) is applied every time you use the website “https://novimed.gr/” (hereinafter the “Website“) and describes the manner in which the Company collects and uses information from Health Professionals, persons participating in our events, consumers, patients and website visitors. By visiting the Website, you agree to our Privacy Policy and accept the practices described therein.
For the purposes of this Privacy Policy, our Company operates as a Data Processor, in accordance with art. 4 par. 7 of the General Regulation on the Protection of Personal Data.
2. Legal framework
2.1 The processing of your personal data takes place in accordance with the provisions of the General Data Protection Regulation 2016/679 (hereinafter “GDPR“), of L. 4624/2019, the purpose of which is to take measures to implement the GDPR in the Greek legal order, without prejudice to any more specific national and European legislation for certain sectors, as well as in accordance with the provisions for personal data and privacy protection in the field of electronic communications (L. 3471/2006, as applicable) and the decisions of the Hellenic Data Protection Authoriry (hereinafter “HDPA“).
2.2 This Privacy Policy describes the manner in which the Company uses the information collected about you (health professionals and event participants, consumers – patients, and visitors to the Website), it allows you to be informed of the origin and use of browsing information collected by Cookies, as well as the manner in which you can exercise your rights, in accordance with the aforementioned applicable legislation. This Privacy Policy applies to the Website and it is added to the Website Terms of Use, which are posted on the Website.
3. What is personal information, which information is being processed and how is it collected
3.1. Personal data is personal information concerning an identified or identifiable living individual. Personal data is also different pieces of information which, if combined, can lead to the identification of a specific person. The table below lists the personal data we keep in our records about you and has been collected either directly from you through forms and requests submitted in writing, by subscribing to the e-Newsletter, through correspondence we have exchanged, or that we have received through third parties, such as companies that provide us with their database for the purpose of, among others, providing scientific information to healthcare professionals and conducting market research.
| Personal Data |
Health professionals and participants in events | Contact details (First name, Surname, Professional address, Email address, Contact phone number) Information such as your specialty, and your participation in scientific events in Greece and abroad Details regarding our cooperation and information on which you have been informed. Information about fees, sponsorships, contributions and expenses we pay for you from time to time. |
Consumers Patients | Contact information (First name, Surname, Professional address, Email address, Contact phone number) |
Website visitors | Most of the Website’s services do not require any form of registration on your part, allowing you to visit this Website without revealing your identity. In some cases, however, your registration may be required in order for you to access certain services (such as signing up for a Newsletter). During registration, you may need to fill in a few “fields” (some are required and some are optional, such as First Name, Surname, Email Address) as well as possibly choosing a username and password. |
3.2 It is likely for the Company to gain access to personal data indirectly, through websites or publicly accessible databases/sources (online or offline), from third party providers of personal data, health service providers, health insurance companies and third parties and partners. Moreover, we may in some cases collect data by automated means. For these cases, please refer to the Cookies Policy.
3.3 Please note that our Company does not collect special categories of personal data in any way; these categories would include data related to racial and ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data for indisputable identification of a natural person, data concerning health, sex life sexual orientation.
3.4 Our Company does not keep nor process the personal data of minors.
3.5 You are not obliged to notify our Company of your Personal Data. However, if you do not provide us with all or some of the requested information, we may not be able to provide you with certain services or information.
4. Which is the legal basis and use of the Personal Data we collect?
4.1 We only collect Personal Data when there is legal basis to do so, in accordance with Article 6 GDPR.
4.2 The collection of Personal Data is carried out only when it is (a) necessary for us so that we can provide you with our services (6§1b GDPR), (b) necessary for our legitimate interests (6§1e GDPR), and/or (c) necessary for our compliance with our legal obligations (6§1c GDPR), and/or (d) based on our legal obligations and for reasons of public interest, we use and disclose personal data about healthcare professionals for the following purposes: i) providing information and scientific information about the Company’s products and services, ii) implementing promotional actions and informing about research initiatives, when this is allowed by the current legislation,
iii) conducting or collaborating with or participating in the conduct of studies, research, programs, training, events, etc. within the framework of legislation (subject to any additional consent requirements), iv) responding to inquiries and requests for additional information, providing samples and receiving orders, when this is allowed by the current legislation, v) continuously improving the quality and efficiency of the Company’s products and/or services, vi) researching and analyzing for the development and evaluation of the products, services, materials and treatments offered by the Company, vii) selecting and assessing the suitability of health professionals for their participation in clinical studies and market research as well as other research studies, viii) conducting market research and research studies in the public and private sector, ix) complying with the written legislative and regulatory provisions, including legal obligations, internal audit requirements and audits by public authorities and requirements set by the industry’s codes of conduct. x) based on our legal obligations and for reasons of public interest, we use and disclose personal data about healthcare professionals for the following purposes: monitoring safety, compiling and submitting reports, conducting audits and handling queries or issues related to with our products to monitor security, write and submit reports, conduct audits and handle queries or issues related to our products. Also, the legal basis for data processing by our Company is, as the case may be, the explicit, clear and free consent of the user (6§1a GDPR), and/or (e) based on our legal obligations and for reasons of public interest, we use and disclose personal data about consumers – patients or visitors to the Website for the following purposes: (i) to answer questions and requests for additional information, (ii) to conduct research and analysis for the development and evaluation of products, services, materials and treatments offered by the Company, (iii) to comply with the existing legislative and regulatory provisions, including the Company’s legal obligations and the decisions taken by the competent bodies.
4.3 Your Personal Data will be used solely for the purposes for which we collect it, unless we reasonably judge that we need to use it for another reason, which is however compatible to the original purpose. Should you wish to receive clarifications on whether the processing for the new purpose is compatible with the original purpose, please contact us. Should we need to use your Personal Data for a different purpose, we will notify you in order to obtain your written consent to do so or to explain the legal basis allowing us to take such action.
4.4 We do not use your Personal Data in order to create profiles. Profiling is any form of automated processing of personal data, through which personal data is used for the purpose of evaluating specific personal characteristics associated with a person, including, but not limited to, that person’s financial situation, health, personal preferences, interests, credibility, conduct, location or movement.
4.5 The Company may transfer on a reasonable scale Personal Data that it has legally collected and processed, in the event that any corporate transformation takes place in the future, resulting in a change of its control, such as e.g. acquisition, merger, restructuring of or any transfer of part or all of its assets or business. The Company will inform within due course the natural persons, whose Personal Data it processes, regarding the realization of the transfer of their personal data by any suitable means. In cases where the Company has collected and is processing Personal Data with the legal basis of providing the consent of the natural person (art. 6 par. 1a GDPR), then, in order to transfer this data, it will again request the natural persons’ consent in accordance with current legal framework.
5. How long is your Personal Data kept in our files for?
5.1 As a general rule, your Personal Data is kept for the time period which is strictly necessary for the purposes for which it was collected, unless we are required to keep it longer in order to meet our legal obligations, such as our tax obligations or for security reasons of our business activity or for the time period which is necessary to fulfill the aforementioned purposes.
6. Whom do we share this information with?
6.1 Our Company cooperates with other companies, for the smooth execution of its services, and allows specific authorized persons who perform and act under its control and at its orders, to have access to personal data. These persons are fully bound by the confidentiality and obligations provided for in the legislation regarding the collection and processing of personal data. In particular, the Company cooperates with:
6.1.1 Public Authorities when required by law or court order, or by a regulatory or governmental authority which is legally authorized to request such disclosure.
6.1.2 Its approved partners (such as e-mail marketing companies, PR agencies), in collaboration with whom it provides its products and services, for the aforementioned purposes and who have undertaken on our behalf and according to our orders, to promote newsletters and informative e-mails to you and to monitor our services. Please note that our Company does not dispose any automated means of advertising, except for the newsletter service.
6.1.3 To technology service providers, who gain access to the Personal Data that is absolutely necessary for their activity. This access includes, among others: your best servicing, the functional and computerized organization of the Website, the optimization of our services and our products, etc.
6.2 Our Company, as well as all the companies with which we cooperate, ensure the necessary level of protection in accordance with the GDPR, by applying the appropriate technical and organizational measures for the security of your data.
6.3 Your Personal Data does not exit the European Union.
7. Personal Data Safety
7.1 We are committed to safeguarding your Personal Data.
7.2 Acknowledging the importance of Personal Data security, we have taken all appropriate organizational and technical measures to ensure and protect Personal Data from any form of accidental or unlawful processing. We use the most modern and advanced methods to ensure maximum security [SSL TLS 1.2 protocol with 128-bit encryption protocol (Secure Sockets Layer – SSL. These measures are reviewed and modified when and where necessary.
8. Breach of Personal Data
8.1 In the event of a breach of Personal Data collected, the Company shall notify the event without delay, if possible, within 72 hours of becoming aware of the breach of Personal Data to the HDPA, unless such breach is not likely to cause any risk to the rights and freedoms of users. When the notification to the HDPA does not take place within the aforementioned deadline, it is accompanied by a justification for the delay.
8.2 When the breach of Personal Data may put the rights and freedoms of users at high risk, our Company will immediately notify the user of this violation.
9. What are your rights?
9.1 Access right to Personal Data
You have the right to access and share Personal Data. Before we respond to your request, we are obliged by law to verify your identity. We may need to ask you to provide additional information in order to respond to your request. We undertake the obligation to respond to your request as soon as possible.
9.2 Right to correct Personal Data
You can also request the correction of Personal Data that may be erroneous and restrict its processing. Depending on the type of processing, you may also request that the Personal Data we hold be completed.
Please contact us in the manner defined in Section 10 “How to contact us”.
9.3 Right to withdraw your consent for the processing of Personal Data
When the processing of Personal Data is based on your consent (subscribing to newsletters or using Cookies and similar Website technologies), you have the right to withdraw your consent at any time.
You can exercise this right by changing your newsletter subscription and direct marketing options, by withdrawing your consent to certain Cookies.
9.4 Right to delete Personal Data
You can also request the deletion of Personal Data in the following cases, when:
- You consider that the processing of Personal Data is no longer necessary, given the cessation of use of the Website and the services of our Company and/or that the purposes stated in this Privacy Policy or that their retention by our Company is against the law.
- You have withdrawn your consent to the processing of your Personal Data (see above).
- You object to the processing of Personal Data for reasons related to your personal situation.
9.5 Portability right of Personal Data
You can request the portability of Personal Data to you or to a third party. In this case, we will provide you, or a third party designated by you, with the Personal Data in a structured, commonly machine-readable format.
9.6 Alternatively, within the boundaries of the law, you may exercise the right to restrict the processing of Personal Data
Please bear in mind that despite your right to erasure or restriction, we may retain certain Personal Data about you when required by law or when we have a legitimate reason to do so (for example, to give evidence on the execution of a contract), or to defend rights in court or when the exercise of this right violates the right to freedom of expression and information. For instance, this happens if you violate the General Terms of Use.
9.7 Right to contact the Data Protection Authority
In any case, if you have reason to believe that the protection of Personal Data is being violated in any way, you have the right to file a complaint with the Hellenic Data Protection Authority (and if you reside within the European Union, with the corresponding Authority of your place of residence) using the following contact details: Website: www.dpa.gr/ Address: 1-3, Kifissias Avenue, 115 23 Athens/ Telephone: 210 6475600/ Fax: 210 6475628/ E–mail: [email protected]
10. How to contact us
Should you have any questions or observations regarding this Privacy Policy, you can contact us:
- a) in writing:at our Company address, at 2-4, Mesogeion Avenue, 16th floor, Athens, 11527,
- b) by phone:210 77 80 400 For quality control purposes, your call may be recorded, and
- c) through email: [email protected]
11. Privacy Policy Modification
We may occasionally modify this Privacy Policy. In such an event, we will notify you by changing the date at the top of this document and, in some cases, we shall issue additional notices (indicatively, by adding a statement to the home pages of the Website and/or by sending an email). We encourage you to read our Privacy and Cookies Policy when you interact with us, so as to be informed of our Company’s Personal Data protection practices and your relevant rights regarding Personal Data and the protection of your privacy in general.