Last update: 2018-10-12
What data do we collect?
Information that you give us
There are many ways where you directly or indirectly could be giving us personal information about yourself. For example, when you choose to contact us through our contact form on the website, through a phone call, e-mail or in one of our clinics.
Personal contact information
Data such as name, telephone number and e-mail address are collected in order to be able to contact you back if you are interested in a free consultation, but also for treatment. The data is used to run the booking and it will also be used when conducting our records.
During an online consultation, we may require you to send a health declaration to us. When visiting one of our clinics, we require a mandatory health declaration before consultation or treatment. This is done with the purpose of being able to follow up any eventual disease that can provide clarity in your symptoms but also to offer the best treatment based on your condition.
Information through integration
The information through your integration with Nordic Hair Clinic can come from several different resources. We collect data based on how you use our services on the web such as; response time for pages, download errors, how you reached and left the service and also delivery notes when contacting you.
We may collect data such as your IP address, language settings, browser settings, time zone, operating system, platform and screen resolution. This is because we want to be able to analyse the general average value of these variables in order to be able to offer better services to the public in the future and for as many platforms as possible.
Your geographic location is automatically collected in order to show the services offered around your area, but also to provide the language settings that can match your language skills so that you as a customer feel satisfied and comfortable with the information relevant to you in a language that you understand.
Patient record and treatment information
Upon a physical visit, we are by law obliged to document the treatments that you choose to undergo in a so-called patient record. Therefore, we have the right to process your personal data in our patient records even if you have not given your consent. A patient record must always contain the following information: Information about your health, how many and what types of treatments that have been performed, choice of medication and other measures taken.
How your information is used
Your personal information is needed to be able to offer a safe and secure treatment of the highest quality and also to follow up, develop and improve our business. Nordic Hair Clinic treats your personal data based on the following legal grounds (see table on the right).
In the event that you wish not to receive individual offers and information, you can always unsubscribe directly by following the link “Finish” at the bottom of the e-mails we send. In case of unsubscribing for any physical communication, you need to email us at [email protected]. If you choose to cancel these types of communication, we will no longer be able to adapt the offer to you. Keep in mind that we never reveal information about someone’s health in open communication.
|Confirm your identity and contact details||Perform our actions towards you||No|
|Payment administration and customer relationship||Perform our actions towards you||No|
|Determination of payment method and internal and external credit assessments||Carry out our commitments to you and comply with applicable law||No|
|Customer analysis, Nordic hair clinics services and internal operations. Including troubleshooting, data analysis, testing, research and static purposes||Carry out our commitments to you and other legitimate interests||Yes|
|Introduce effective and essential information for you||Follow applicable law and other legitimate interests||Yes|
|Risk analysis and prevention of fraud and risk management||Follow applicable law and other legitimate interests||No|
|Improvement of services, business development and development of new products, services and functions||Other legitimate interests||Yes|
|Follow applicable legislation such as journal management, traceability of used products or similar||Follow applicable law||No|
|Communication with you for callings, reminders, next booked time, follow-ups, treatments etc.||Carry out our commitments to you and other legitimate interests||Yes|
We will share information
Personal data regarding the patient’s health status or other personal circumstances are lawfully classified as “sensitive personal data” where misuse of these gives higher consequences. Because of this, we will never share these sensitive personal details unless we lawfully need to.
We might transfer or share information with chosen third parts according to following:
- Credit institutions, credit reporting agencies and similar suppliers. In case that you apply for financial support from Medical Finance, your personal data will be shared with credit institutions to assess your credit rating and confirm your identity.
- Authorities or other similar. In cases where there is a law forced need for Nordic Hair Clinic to be forced to leave your personal data.
- Disposal. Nordic Hair Clinic may share your information with third parties if Nordic Hair Clinic sells or buys business or assets where the information is distributed to a such buyer or seller.
We will not share information to
Your personal information is always safe with us. Nordic Hair Clinic will never sell your personal data to third parties that we don’t have the right to sell to.
Your personal data will neither be saved, copied or shared with other suppliers who have not undergone a careful examination of how they handle privacy issues, manage their data and their dignity.
Where do we treat your details?
We treat all your information within the EU / ESS. In the case where the patient goes through their treatments at our clinic in Istanbul, a copy is saved in our systems in Turkey.
How long your personal details are saved
We will save your personal data as long as it is necessary in order to fulfil our obligations towards you and if required by law.
Your rights to access, correction and deleting
The right to access your data
You can request a copy of the personal information if you like to know and/or verify what data we have. You also have the right to take part in patient records, but within a reasonable time and after a judgment of the case. Requests for such information are made officially at one of our clinics or by mail to [email protected]. Collection of the information takes place personally after showing an ID or sent by registered letter.
Your right to correct your personal data
You always have the right to correct faulty or incomplete information about yourself.
The right to be removed from our databases
You have the right to request the deletion of your personal data in case it’s no longer necessary for the purpose for which it was collected. However, by law we cannot delete your patient record earlier than three years after the last note has been written.
Opposition to treatment due to public interest and public authority
In case your personal data is processed to perform a task of general interest as a part of the exercise of authority, you may have the right to object to your personal data being processed. Keep in mind that you must specify what type of information you object to.
If you re-call your consent of processing personal data, it will not be further processed. In that case we will not be able to offer you our services in the future. To re-call your consent, you are welcome to contact us at [email protected]
Cohesive record keeping within the Nordic Hair Clinic group
Nordic Hair Clinic uses cohesive journal keeping which means that every person that treats personal data within the Group also have access to the journal information. It can be a great advantage as a customer if, for example, you need to get in touch with one of our clinics urgently but can’t get hold of them. Then you can always get in touch with the nearest clinic to get the help and information you need.
Block information in your patient record
You have the right to, at any time, request that your journal information shall not be electronically available to any Nordic Hair Clinic’s staff other than your consultation adviser. You will then be informed about what this may mean for you as a patient.
You have the right to, at any time, file a complaint regarding our processing of personal data. Either straight to us or to the Swedish Data Inspectorate. If personal information about you has been processed so that they violate the Patient Data Act and the Data Protection Association, you may be entitled to indemnity.
Names used on the website
The names of patients used on the home page do not need to match the patient’s real name.
Manager of personal data
Nordic Hair Clinic Group’s companies are jointly responsible for personal data. The contact information regardless of our company within the Group is done at [email protected].
Nordic Hair Clinic is registered with the Swedish Companies Registration Office under the name PRP Kliniken Sverige AB with organization identity number 556990-6554 and has its main seat on Kungsholmsgatan 10, 112 27 Stockholm. The Nordic Hair Clinic Group consists of the subsidiary NHC Göteborg AB with organization identity number 559057-8265 and Nordic Hair Istanbul with office in Istanbul, Turkey.