Your personal data and the data of your loved ones are safe with us. We protect the privacy of all data we have access to and all information entrusted to us.The service provider is Laserová dermatologická klinika s.r.o., with registered office at Lyčkovo náměstí 508/7, 186 00, Prague-Karlín, ID No.: 281 92 257 (hereinafter referred to as “Provider”).The user is any legal or natural person who places an order or request with the Provider either in writing or verbally. Before the fulfillment of the order begins, the user will receive a link to this Privacy Policy, which includes the Data Processing Agreement (see below).
I. Personal Data Protection1.1. By placing an order, request, or service agreement, the user confirms that they are familiar with this Privacy Policy, agree with its content, and accept it in its entirety.
1.2. The Provider is the controller of users' personal data in accordance with Article 4(7) of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR). The Provider commits to processing personal data in accordance with legal regulations, particularly GDPR.
1.3. Personal data refers to any information relating to an identified or identifiable natural person. This includes names, contact information, addresses, email, phone numbers, and depending on the business relationship, accounting and payment details such as ID numbers, tax numbers, card numbers, and account details. These data are processed for healthcare documentation and marketing communications. All data are processed during the contractual relationship and archived for 10 years after its end.
1.4. During ordering, users must provide necessary personal data. The purpose is to fulfill the order and exercise rights and obligations from the agreement. It also includes marketing activities. The legal grounds include Article 6(1)(b), (c), and (f) of GDPR.
1.5. The Provider may use subcontractors, including third-country mailing and hosting services. These subcontractors are vetted and under contract, responsible for data protection.
1.6. Personal data will be stored as long as necessary to exercise rights and obligations from the contract, up to 15 years after the contract ends, after which data will be deleted.
1.7.–1.10. The user has the right to access, correct, restrict, delete, or transfer their data, raise objections, and file complaints with the Czech Data Protection Authority. Providing data is necessary for contract formation; without it, service cannot be provided. No automated decision-making takes place.
1.11. By placing an order, the user:● agrees to receive commercial and marketing materials up to once a week,● declares this is not unsolicited advertising,● may withdraw consent anytime via .zc.akinilk-sotla%40ofni
1.12. Cookies are used for service quality, personalization, analytics, and collecting anonymized data. Use of the website implies consent to this technology.
II. Rights and Duties Between Controller and Processor (Data Processing Agreement)2.1.–2.11.The Provider is a data processor for client data, and the user is the data controller. These terms govern their mutual rights and obligations.Processing includes automated collection, storage, blocking, and destruction. Data will only be processed within the EU at Provider or subcontractor locations.Subcontractors are required to meet the same data protection obligations and must be approved by the user.
The Provider ensures:● data is processed only per user’s instructions,● technical and organizational safeguards prevent unauthorized access, alteration, destruction, or misuse,● only authorized personnel access the data, each with unique IDs,● staff are bound by confidentiality, which remains in force after their employment ends,● assistance with data subject rights and GDPR compliance (Articles 32–36),● after service completion, all data will be deleted or returned unless retention is legally required, ● the Provider will provide evidence of GDPR compliance and allow audits.
The user is obligated to report any circumstances affecting compliance and cooperate with the Provider.The Provider must keep personal data and security measures confidential, even after the contractual relationship ends.
III. Final Provisions3.1. These terms expire after the durations set in Articles 1.6 and 2.7.
3.2. By placing an order, the user agrees to these terms, confirming they have read and accepted them.
3.3. The Provider may change these terms and must publish or send updates to the user.
3.4. Contact: +420 731 800 259, zc.akinilk-sotla%40tnemeganam
3.5. Matters not covered by these terms are governed by GDPR and Czech law, especially Act No. 89/2012 Coll., the Civil Code.
OUR STATEMENT OF COMPLIANCEKlinika Altos declares that, as a controller of personal data, it fulfills all obligations required by applicable laws, especially regarding:● lawful data processing based on voluntary consent,● registration with the Data Protection Authority,● fulfilling information obligations to patients,● enabling patients to exercise their rights,● fulfilling all other GDPR controller duties.