Privacy Policy

ND Medhealth SRL, headquartered in Bucharest, Sector 2, Bd. Dimitrie Pompeiu, no. 9-9A, Iride Business Park Bucharest, Romania, registered at the Trade Register under no. J40/3045.2010, having CUI RO26691490 (“ND Medhealth”), sends you this Privacy Policy and Cookie Usage Policy (“Policy”) to explain how we process and protect personal data.

In the course of its activity, ND Medhealth may collect and process personal data, in which case the legal provisions in the field of personal data processing and the free circulation of such data will be taken into account and respected. Through this Policy, ND Medhealth informs the data subjects whose data is collected about the manner and purpose for which this data is used and also brings to the attention of data subjects the rights they hold. Data subjects within the meaning of this notice include, but are not limited to, website users and consumers, and the personal data subject to processing are: first name, last name, phone number, email address, and residential address.

This Policy is subject to periodic reviews. To be informed of any significant changes that may impact the processing of your personal data, please periodically consult our company’s webpage, under the “Privacy Policy and Cookie Usage Policy” section.

The most recent update to this Policy was made on 11.09.2020.

GENERAL INFORMATION

Your right to privacy and private life, as well as the trust you place in us, are important to us. Through this Privacy Policy, we provide you with important information about how ND Medhealth manages the personal data we collect from you or that you make available to us. This policy applies to any product, service, website or application that collects, records, modifies, uses, accesses, transmits or stores personal data.

Please read this policy carefully and contact us at the contact details indicated on the website if you wish to obtain details regarding our processing activities or to modify your choices. Please check for updates to this policy. If we make changes that we consider important, you will be able to consult them online.

We are committed to respecting your privacy and your right to private life in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the applicable European and Romanian legislation.

The following notes provide a general overview of what happens to your personal data when you visit our website.

Personal data represents all data that personally identifies you. Detailed information regarding data protection can be found in our privacy policy listed in this text.

DATA COLLECTION ON OUR WEBSITE

Who is responsible for data collection on this website?

The responsible person is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data. Personal data includes your first and last name, email address, phone number, etc.

The person responsible for the processing of personal data on this website is: ND Medhealth SRL.

How do we collect your data?

Your data will be collected, on one hand, from what you communicate to us — for example, data you enter in a contact form or through correspondence with us by phone, email or any other means.

The information you provide to us may include your name, home address, delivery address, email address and phone number, as well as other information, as applicable.

Through the activity carried out on the website, we will not collect or process sensitive personal data relating to you (i.e. information about racial or ethnic origin, political opinions, religious beliefs or philosophical convictions, health, sexual life or sexual orientation), except where:

  • we are required to do so by law; and/or
  • you have provided us with your explicit and separate consent.

Other data is collected automatically when visiting the website through IT systems. These are primarily technical data (e.g. internet browser, operating system or the time of the page request, etc.). The collection of this data is automatic as soon as you enter our website.

What do we use your data for?

Some data is collected to ensure the best possible use of the website. Other data may be used to analyse user behaviour.

Specifically, we may process your personal data in the following cases:

  • When we need to take the necessary steps to enter into a contract with you;
  • When we need to execute a contract we have concluded with you;
  • When we need to comply with a legal obligation (namely, consumer rights legislation, civil legislation regarding the conclusion of a contract, applicable laws in employment relations, accounting, auditing);
  • When it is necessary for our legitimate interests (or those of a third party) and for your interests (namely, for the detection and prevention of fraud or for ensuring IT and network security), unless your fundamental rights override these interests;
  • When it is necessary for the public interest or for official purposes.

We also process your personal data for various technical, administrative and operational reasons, such as:

  • To ensure the presentation of content in the most efficient manner for you;
  • To improve the website, including its functionality;
  • For the administration of the website;
  • For internal operations, including for troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • To keep the website safe and secure;
  • For advertising and marketing, including for specific marketing purposes, so as to offer content, including personalised content, that may be of greater interest to you.

In some cases, we will process your personal data only with your consent (i.e. in cases of advertising and marketing). In these cases, we will separately request your consent in a transparent manner when you provide your personal data. You may subsequently withdraw your consent at any time by sending a request to the email address info@ndmedhealth.ro. Withdrawal of consent will not affect the lawfulness of processing that took place prior to its withdrawal.

When we request personal data to comply with legal or contractual obligations, the provision of such personal data by you is mandatory. This means that if such personal data is not provided, we will not be able to manage contractual relationships or comply with the legal obligations imposed on us. In all other cases, the provision of personal data is optional and you are not obliged to provide it.

We may process your personal data, such as identification data, contact data and residential address, for the purpose of the possible exercise of rights or claims that either you or our company may have in the future. This processing is based on our legitimate interest, as it is necessary for us to exercise our rights in the event of potential disputes.

For what period of time do we retain your data?

Personal data will be retained for the period of time provided by the specific legal provisions applicable to the activity carried out by ND Medhealth and for as long as it remains necessary for the purposes mentioned in this policy.

What rights do you have over your data?

At any time, you have the right to obtain free information regarding the origin, recipient and purpose of the processing of your stored personal data. You also have the right to request the correction, blocking or deletion of such data. For this purpose and for other questions related to data protection, you may contact us at any time at the address info@ndmedhealth.ro. In addition, you have the right to appeal to the competent supervisory authority.

Specifically, under applicable legislation, you benefit from the following rights: (i) access to data processing, (ii) rectification or updating when data is inaccurate or incomplete, (iii) erasure of data (“the right to be forgotten”, namely requesting the deletion of personal data if there are no longer legitimate grounds for retaining and/or processing the data), (iv) restriction of data processing, (v) the right to object to processing, (vi) the right not to be subject to an automated decision-making process (including profiling), (vii) the right to data portability (transfer of the data subject’s data to another data controller designated by you), (viii) the right to withdraw your consent at any time without affecting the lawfulness of processing carried out on the basis of consent prior to its withdrawal, by means of a request submitted to us, (ix) the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing and to address the courts of law if you consider that the data is not being processed lawfully, and (x) the right to be notified in the event of data security breaches.

Please note that your rights are subject to applicable data protection laws and regulations. For example, the right to object to the processing of your personal data may be limited where we can demonstrate that we have compelling legitimate grounds for processing your personal data that override your interests.

We will not charge a fee to respond to a request from you unless permitted by law, and if such a fee is charged, it will be reasonable and proportionate to your request.

To exercise one or more of these rights, please contact us at the email address info@ndmedhealth.ro.

To whom do we transfer your personal data?

To achieve the purposes described above, we use the services of several contractual partners. From a GDPR perspective, these may have the capacity of Processors or Joint Controllers, and some personal data may be provided to them for use within the limits of the obligations they have assumed towards us and in strict compliance with our instructions regarding the processing of such data.

The personal data we transfer to Processors is limited to the minimum information necessary for the provision of the respective services. We make every effort to ensure that all entities we work with process your personal data in conditions of safety and security.

Personal data may also be disclosed to public authorities when there is a legal or contractual obligation to do so, upon their express written request or when there are suspicions regarding the commission of a criminal offence.

These public authorities or institutions may include the National Supervisory Authority for Personal Data Processing, the Consumer Protection Authority, the National Agency for Fiscal Administration, structures within the Ministry of Internal Affairs or the Public Ministry, courts of law, bailiffs, etc.

With regard to analytics tools and third-party tools, when you visit our website, your browsing behaviour may be evaluated statistically. This happens primarily through cookies and so-called analytics programmes. The analysis of your browsing behaviour is usually anonymous and cannot be traced back to you. You may object to this analysis or prevent the use of certain tools by not using them. Detailed information can be found in the following privacy and cookie usage policy.

You may contest this analysis. We will inform you of the possibilities for contesting it in this privacy and cookie usage policy.

ADDITIONAL INFORMATION REGARDING PRIVACY AND YOUR PERSONAL DATA

Privacy Policy

We treat your personal data confidentially and in accordance with the legal regulations on data protection and this privacy policy.

If you use this website, various personal data will be collected. As mentioned above, personal data is information that personally identifies you. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this occurs.

Please note that the transmission of data over the Internet (for example, when communicating by email) may have security vulnerabilities. It is not possible to fully protect data communicated through third parties.

Revoking your consent to data processing

Many data processing operations are only possible with your express consent. You may revoke an existing consent at any time. It is sufficient to send an email to info@ndmedhealth.ro stating as clearly and precisely as possible the subject matter of your request. The lawfulness of data processing carried out prior to revocation is not affected by the revocation.

The right to lodge a complaint with the competent supervisory authority

In the event of a breach of data protection law, the person concerned has the right to appeal to the competent supervisory authority: the National Supervisory Authority for Personal Data Processing, https://www.dataprotection.ro/?page=contact.

Right to data portability

If you request the direct transfer of data to another responsible party, this will only be done to the extent that it is technically feasible.

Personal data security / SSL or TLS encryption

We use appropriate technical and organisational measures with the aim of protecting personal data and preventing unauthorised access to it.

This website uses SSL or TLS encryption to ensure security and to protect the transmission of confidential content, such as orders or requests you send to us as the website operator. You can recognise an encrypted connection by the change in the browser’s address bar from “http://” to “https://” and the lock symbol in the browser bar.

If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

Confidentiality of minors’ data

Our website does not knowingly collect personally identifiable data from persons under the age of 16. If a parent or legal guardian is aware that a minor in their care has provided our website with their personal data, they must immediately notify ND Medhealth SRL at the email address info@ndmedhealth.ro. If we discover that a person under the age of 16 has provided personal data through our website, we will proceed as soon as possible from the time of identification to take the measures required by law.

Transfer of personal data abroad

In the context of the operations described above, your personal data may be transferred abroad only to states within the European Economic Area (“EEA”). We assure you that any transfer carried out by the Company to an EEA member state complies with the legal requirements set out in the GDPR.

COOKIE USAGE POLICY AND SERVER LOG FILES

Cookies

Web pages partially use so-called cookies. Cookies do not harm the computer and do not contain viruses. Cookies serve to make browsing our website more user-friendly, efficient and secure. Cookie files are small text files stored on your computer and saved by your browser.

Most of the cookies we use are so-called session cookies. These will be automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit our website.

Cookies are managed by web servers. The lifespan of a cookie can vary significantly, depending on the purpose for which it is placed. Some cookies are used exclusively for a single session (session cookies) and are no longer retained once the user has left the website, while some cookies are retained and reused each time the user returns to that website (permanent cookies). Nevertheless, cookies can be deleted by a user at any time through their browser settings.

If you share access to a computer, you may consider setting your browser to delete individual browsing data each time you close the browser. This is one way of accessing websites that place cookies while deleting any visit information when the browsing session is closed.

Install and constantly update antivirus/antispyware applications.

Many spyware detection and prevention applications include detection of website attacks. This prevents the browser from accessing websites that might exploit browser vulnerabilities or download dangerous software.

You can set your browser so that you are informed about the use of cookies and allow cookies only in isolated cases, accept cookies for certain functions or exclude them entirely, as well as enable the general and automatic deletion of cookies when you close the browser. Disabling cookies may limit the functionality of a website.

All modern browsers offer the possibility of changing cookie settings. These settings are generally found in the Options/Settings menu or the Preferences/Favourites menu of the browser.

For more information on these settings, the following links may be helpful:

  • Cookie settings in Internet Explorer
  • Cookie settings in Firefox
  • Cookie settings in Chrome
  • Cookie settings in Safari

Cookies that are necessary for carrying out the electronic communication process or for providing certain functions that you wish to use (for example, the shopping cart function). The website operator has a legitimate interest in storing cookies for the technically error-free provision and optimisation of its services. To the extent that other cookies are stored (such as cookies for analysing your browsing behaviour), these will be addressed separately in this privacy and cookie usage policy.

In the following sections you will find more information about the individual cookies used on this website and the purposes for which we use them.

Necessary cookies

These contribute to the functioning of the website, enabling basic functions such as navigation and access to secure areas of the website. The website cannot function properly without these cookies.

Functionality cookies / Session cookies

These cookies allow the website to remember the choices you make (such as your username, language or the region you are in) in order to provide a more personalised online experience. These cookies may also be used to remember changes made to text size, fonts and other parts of web pages that you can customise. Similarly, they may be used to track which products or videos you view in order to avoid repetition and to allow you to access social platforms.

These cookies collect personally identifiable data. The information these cookies collect may include personal data you have disclosed. If you do not accept these cookies, this may affect the performance and functionality of the website and may restrict access to content on the site.

Marketing and advertising cookies

These cookies are used to deliver content more relevant to your interests. They are also used to remember your visit to the website and the pages accessed, to observe articles read, with the aim of increasing the level of relevance of advertisements published on the website, to offer targeted advertising and to measure the effectiveness of advertising campaigns on the website. These cookies remember that you have visited the website and this information is shared with other parties, including advertisers and our agencies. These cookies may also be linked to website functionality provided by third parties.

Third-party cookies

We use a number of partners who may place cookies on your device on our behalf when visiting the website, to enable them to serve personalised advertising in their domains: Facebook and Google Display Network. The information these cookies collect may include personal data. Third-party providers must also comply with applicable law and the privacy policies of the website owner.

On our website, so-called plug-ins specific to the social network https://www.facebook.com/ are used. If this plugin is activated by a click, the browser will establish a direct connection with https://www.facebook.com/, which means that https://www.facebook.com/ receives the information that you have opened the corresponding page on our website and may attribute the visit to your https://www.facebook.com/ profile account. The policy on the processing and use of personal data by https://www.facebook.com/ can be found at: https://www.facebook.com/about/privacy.

If you do not wish for https://www.facebook.com/ to use our website to collect data about you, you must not activate the specific plug-in when browsing our website, nor access the active links in the form of a specific logo.

Disabling cookies

There are several ways to manage cookies:

  • You can disable cookies on the website or third-party cookies by using your browser settings.
  • You can delete all cookies from your device and set most browsers to block their placement.
  • You can control and/or delete cookies as you wish — for details, please consult the site aboutcookies.org. If you do this, you may need to manually set some preferences each time you visit the website. Some services or options may also not function.

Server log files

Our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.

These are:

  • Browser type and browser version;
  • Operating system used;
  • Referrer URL;
  • Hostname of the accessing computer;
  • Time of the server request;
  • IP address.

This data will not be combined with other data sources.

Join us in sharing health
Become an ND Medhealth partner.

    By entering your email address, you agree to the Terms and Privacy Policy.