doctoranytime: Data Protection Policy

PERSONAL DATA PROTECTION POLICY

Last updated: July 2022

The website www.doctoranytime.gr (hereby doctoranytime.gr) is managed by ADD MARKETING MON IKE, which has its headquarters in Agia Paraskevi, Leoforos Mesogeion 468, Tax Registration Number 800407822, Tax Office Cholargou, and is the Controller of the personal data which we collect when you visit our website and use the services provided by doctoranytime.gr, that is all the information that directly or indirectly identifies or can identify you.

Doctoranytime.gr is extremely serious about the protection of your privacy and personal data and has taken all the necessary measures in order to ensure the safety and to maintain the confidentiality of the information regarding the visitors/users of the website services.

We kindly request that you read this Privacy and Personal Data Protection Policy carefully so as to be informed on the type of data that are collected from you when you visit our website and use its online services, on how said data is used, and on your rights.

This Policy serves as a notification to the data subjects, in accordance with articles 13-14 of the European Union General Data Protection Regulation (GDPR) EU 679/2016. If you have any questions regarding this Policy and the way doctoranytime.gr collects and processes your personal data in general, please contact the Data Protection Officer of doctoranytime.gr at: [email protected], or at the telephone number (+30) 215 50 50005 (option 3).

This Personal Data Protection Policy applies exclusively to the doctoranytime.gr website. Users should be aware that our website may include links to other websites, and doctoranytime.gr bears no responsibility for the practices, terms of use, personal data protection policies, and/or content of said websites.

WHAT TYPE OF PERSONAL DATA DO WE COLLECT?

Doctoranytime.gr is a website through which a user can make a medical appointment online “with just one click” (or by telephone), selecting the doctor and/or Health & Diagnosis Center they prefer from a network of doctors and Health & Diagnosis Centers cooperating with doctoranytime. Moreover, it allows health professionals and Health & Diagnosis Centers to register to our website in order to be added to the network of doctoranytime.gr associates and maintain a profile on our website. For the aforementioned services to be used, the creation of a user account on our website is required, which involves entering certain personal data. In case you simply navigate the website, doctoranytime.gr does not collect nor process any information that can directly or indirectly identify you, other that what may be automatically collected when you navigate our website. Specifically:

1. Data collected automatically when one visits and interacts with our website

As long as the website’s online services are not used and the user simply navigates the website, the user is not required to provide/enter any personal data. However, just by visiting and navigating the website, certain information that can directly or indirectly identify you may be collected automatically, such as:

your computer’s internet protocol (IP) address,
the web browser and software you use,
the websites you visit right before and right after you visit our website,
your connection speed and information on the software programs installed in your computer,
basic server connection data, and
data collected via HTML cookies, Flash cookies, web beacons, and similar technologies (see the section on Cookies below).

2. Data provided directly by you

2.1. “User/Patient” personal data

Users who wish to make a medical appointment online through the doctoranytime.gr website (hereby “users/patients”) and/or submit questions through the message exchange service are called to create an account, thus consent to entering the following identifying information:

Full name
E-mail address
Password
Post Code
Sex/Gender
Date of birth
Language of preference

In order to create a doctoranytime.gr account, “users/patients” are required to accept the Terms of Use and this Policy and if they so wish, they may give their consent to receive newsletter from doctoranytime.gr by selecting the relevant field.

2.2. “User/Doctor” personal data

The doctors who wish to register in order to use the online services of doctoranytime.gr (hereby “users/doctors”) and, in particular, maintain a profile in doctoranytime.gr that will allow them to make online appointments with patients, whom they will then see at their practice, and/or use the eSecretary services of doctoranytime.gr are called to fill in the corresponding registration form. Once said form is submitted, doctoranytime.gr will collect and process the “users’/doctors’” following personal data:

Full name
Username and password
E-mail address
Mobile phone number
Specialty
Sex/Gender
Region, address, post code, and telephone number of the practice
Additional information, such whether they are under contract with the National Organization for the Provision of Healthcare Services (EOPYY), office hours, if they have secretary services, and how they list their appointments.

In order to create a doctoranytime.gr account, “users/doctors” are required to accept the Terms of Use and this Policy and if they so wish, they may give their consent to receive newsletter from doctoranytime.gr by selecting the relevant field.

3. Personal data collected automatically when the contact form of our website is filled in:

Visitors/Users who wish to contact us for any matter are called to fill in the relevant contact form. Once said form is submitted, doctoranytime.gr will collect and process the following data:

E-mail address
Full name (optional)
Telephone number (optional)
Message (free text)

4. Personal data collected when the doctoranytime chat is used

Visitors/Users who wish to use the doctoranytime chat service are called to log in doctoranytime.gr, without their personal information being visible to the doctor with whom they interact in the chat, however.

User data and chats are stored in different locations to one another and are not linked to each other.
Chats are anonymous. In order for the users to be better served, they may share exclusively the following information with the doctors on the chat: name, sex/gender, and age.

5. Minors

When we collect information directly from you, we take the necessary care to establish which personal data concern minors. In any case, if we discover that we have collected any personal data from a minor under the age of 16 without the verifiable consent of their parents/legal guardians, we shall delete said data from our database as soon as possible, in accordance with the provisions of article 8 of the GDPR EU 679/2016. If you believe that we may have collected information from a minor under the age of 16, please contact the Data Protection Officer of doctoranytime.gr at: [email protected], or at the telephone number (+30) 215 50 50005 (option 3).

6. Information published on our website

6.1. Visible doctor profiles

Once a user/doctor becomes part of the doctoranytime.gr network, their online profile is created, in which the following information regarding the doctor is entered and visible in order to serve the users/patients:

Full name
Telephone number and address of their practice
Curriculum Vitae / Experience
Services provided and their cost (upon the user’s/patient’s request)
Specialty
Pictures of the doctor and their practice
Reviews by patients who have used the doctoranytime.gr services, which are published on the doctor’s profile in accordance with our website’s Terms of Use and Review Management Policy.
Doctor’s score, which results from the patient reviews and the number thereof.
Any replies and comments by the doctor to the patient reviews.

6.2. Pictures of bone marrow donor volunteers

Our website links to the www.xarisezoi.gr website for those who wish to register as bone marrow donor volunteers at the Center to Advance Public Awareness and Recruitment of Bone Marrow Donor Volunteers of the University of Patras (CBMDP) Bone Marrow Donor Volunteer Bank. Doctoranytime.gr does not have access to, does not collect, and does not process in any way the data of the bone marrow donor volunteers who go to the www.xarisezoi.gr website, which is governed by its own privacy and personal data protection policy regarding its users.

HOW DO WE USE THE PERSONAL DATA WE COLLECT?

Doctoranytime.gr uses the personal data it collects from its users for the following purposes:

For the visibility of the profiles of the doctors who form part of the doctoranytime.gr network.
To allow the users/patients to make online appointments with the cooperating doctors.
To contact the website users/patients in accordance with the content of their request.
To provide the website users with personalized information material, depending on their needs.
For statistical purposes, analyzing the data collected in order to help improve our users’/doctors’ profiles, monitor and analyze how our website is used, enhance its functionality, and better configure its content and design.
For the provision of potential eSecretary services, if a user/doctor so wishes.
To generally inform the public on medical issues.
To answer medical questions sent by visitors/users of the doctoranytime.gr page on Facebook (https://www.facebook.com/doctoranytime.gr/), as well as via our message exchange service, which are shared by us with third parties (cooperating doctors in our network).
For specific case-by-case purposes, such as the collection of declaration of interest forms from bone marrow donors.
To comply with our legal requirements and to fulfill our legal interests, we may use and share information we have collected in order to prevent illegal activities, enforce compliance with our website’s Terms of Use, and protect in any way our rights and our users’ rights.

Profiling: “Profiling” is the automated personal data processing in order for them to be used to assess certain personal aspects of a natural person and then make decisions that have legal effects on said natural person based on this assessment. Doctoranytime.gr profiles the visitors/users and users/doctors who use its online services for the following purposes:

To send informational medical material to the website users who create a doctoranytime.gr account, as well as suggestions for interesting health matters, in accordance with their needs and selections.
So that the website users have their personal, secure page where they can check the cost of each medical service and the history of their appointments with doctors and Health & Diagnosis Centers, as well as make and/or modify their appointments with ease.
To show the score and reviews given by users/patients who scheduled a doctor’s appointment via doctoranytime.gr on each doctor’s online profile, and to send doctors monthly statistical data on how often their profile is visited so that we can make suggestions on how they can improve and increase the frequency in which it is visited.

Doctoranytime.gr takes all the necessary measures to protect the rights and legal interests of its users within the context of profiling, by providing the users/patients the right to decline to receive personalized informational medical material in an automated manner, and by taking all the necessary measures for the users/doctors to exercise their right to decline and to protect their professional reputation and integrity, in accordance with the provisions in the terms of use.

INFORMATION EXCHANGE

Doctoranytime.gr respects its users’ privacy and only shares their information under specific circumstances. We make data concerning you available to other companies, applications, or persons in the following circumstances:

• We may use third parties to provide services related to our website and/or the management of the telephone calls made to doctoranytime.gr, such as database management, maintenance services, call center, online marketing actions. These third parties shall have access to data concerning you solely to fulfill their aforementioned duties on our behalf.
• We may share information concerning you with cooperating doctors in order to serve your medical needs, for example, when you send medical questions via our Facebook page (https://www.facebook.com/doctoranytime.gr/) or the message exchange service, we will then forward those questions to the competent doctor in the doctoranytime.gr network.
We may share information concerning you in case our website is bought by or merges with another company, or in case of a similar business transaction. However, our website will inform you before the data concerning you are transferred and fall under a different personal data protection policy, either by posting a noticeable notification or by sending a notification at the e-mail address you have specified in your account.
We may share information concerning you in order to investigate, prevent, or act upon any illegal activities, if there is suspicion of fraud, in circumstances that involve potential threats to the physical integrity or other rights and interests of any person, in case of violation of our website’s Terms of Use, if it is required by law, and in any case where we believe in good faith that sharing such information is necessary.
We may share information concerning you as a response to judicial summons, search warrants, judicial proceedings, judicial orders, legal proceedings, or other law enforcement measures issued by any competent authority, including the national Data Protection Authority (DPA) and the Data Protection Supervisory Authorities of other EU member-states, as well as to protect and defend our legal rights or to counter any claims against us.
In addition to the aforementioned cases, we may use the data we collect for other purposes of which you will be notified at the moment said data is collected and with your consent, insofar that it is required.
It should be noted that third parties may independently collect data concerning you, including your IP address and information on the websites you visit and links on which you click, via cookies, clicks on links, or other means when you visit our website or when advertisements are projected in our website. For more information, see the section “Cookies” below.

DATA RETENTION PERIOD

Doctoranytime.gr shall keep the personal data it collects in electronic and/or print form for the time that is absolutely required to fulfill the aforementioned processing purposes and for as long as such retention is deemed necessary for us to comply with our legal obligations or to defend our legal interests before a court.

SHARING/TRANSFERRING PERSONAL DATA TO THIRD PARTIES

Doctoranytime.gr does not sell its users’ personal data, while it may share them with third parties solely to fulfill the purposes stipulated in this Policy and to provide its online services.

Doctoranytime.gr ensures contractually that the necessary measures for the security and confidentiality of the personal data processed by third parties on its behalf are taken.

Doctoranytime.gr does not transfer any personal data outside the European Union.

CONSENT

By using this website, and subject to specific legislation provisions, such as legislation on the protection of personal data within electronic communications, as applicable at any given moment, you are giving your explicit consent to all the aforementioned personal data processing cases. You are free to withdraw your consent at any moment. If you wish to withdraw your consent, please address your request to the Data Protection Officer of doctoranytime.gr at: [email protected], or at the telephone number (+30) 215 50 50005 (option 3). Users who have consented to receiving newsletters by doctoranytime.gr can unsubscribe by selecting the relevant field at the end of each such message.

Withdrawing your consent does not negate the legality of the processing of your personal data thus far.

As regards the data automatically collected when you navigate our website, please avoid visiting the latter if you do not wish for such data to be collected and processed.

DATA SECURITY

Doctoranytime.gr takes all the necessary technical and organizational measures to safeguard and protect your personal data against accidental or deliberate destruction, loss, unauthorized modification, disclosure, or access, and against any other unlawful processing of the personal data it manages, which it checks regularly. However, despite all possible and in good faith efforts made by doctoranytime.gr to store its users’ personal data in a secure operational environment that is not open to the public, it should be noted that there is no such thing as complete or perfect security, and doctoranytime.gr cannot guarantee that there will be no accidental disclosure of your personal data. Users must immediately notify doctoranytime.gr or the Data Protection Officer of doctoranytime.gr in case their contact information is lost, stolen, or used without their authorization. In any such case, we will delete your contact information from your account and update our records accordingly.

When visitors/users send information to the doctoranytime.gr website by filling in relevant online forms of sending e-mails in order to have a demand met or a service provided by doctoranytime.gr, said information must be correct and accurate. Any information provided by visitors/users so as to have their demand met is considered confidential and transferred only to the directly concerned party, and to the competent authority(ies) according to the law in case the use made goes against the terms of use of doctoranytime.gr and existing Greek legislation in general. The latter may be deemed appropriate in case the use of the doctoranytime.gr website by a visitor/user violates its rules of operation. In such a case, all the data concerning said visitor/user, as well as their IP address, may form part of an investigation, insofar as such is required to protect the rights of doctoranytime.gr. In case any data is sent to the doctoranytime.gr website, said data must not be contrary to Greek Law and principles of morality regarding internet use in general, and they must not be altered by the visitor/user who publishes them or by others with the visitor’s/user’s knowledge. These data can be used by doctoranytime.gr without any claim against doctoranytime.gr by the visitor/user who provided them. Each visitor/user is responsible for their use of doctoranytime.gr, and they may use its services only for lawful and legitimate purposes. The member/visitor/user is not permitted to use doctoranytime.gr in such a way that could destroy, deactivate, or damage our servers or networks, or in such a way that interferes with the use and utilization of doctoranytime.gr by any other member/visitor/user. Visitors/Users are also prohibited from creating fake accounts with fraudulent intent and from collecting or storing the personal data of other users in any way. Doctoranytime.gr reserves the right to pursue its claims for any damage caused by the violation of the aforementioned prohibitions by visitors/users and to take any relevant legal action, procedure, and lawful judicial and extrajudicial corrective measures in order to prevent the violation of these terms.

Doctoranytime.gr reserves the right to take, indicatively but not limited to, the following actions: (a) record and store any communications between the visitors/users and the website, including e-mails and questions-answers to its cooperating doctors or other persons, (b) investigate any complaint made in case a communication does not comply with the terms and conditions of use thereof, and decide to withdraw or demand the withdrawal of such a communication at its discretion, (c) withdraw communications and data/information sent by visitors/users that are deemed offensive, unlawful, or disturbing, or that do not comply with the terms and conditions of use of doctoranytime.gr, (d) delete registered members when they do not comply with the terms and conditions of use of doctoranytime.gr, after they have been warned accordingly.

YOUR RIGHTS

You may exercise the following rights, where appropriate:

The right to access, so as to discover which data of yours we process, for what purpose, and who receives them.
The right to revision, so as to correct any incomplete or inaccurate data.
The right to erasure (the right to be forgotten), so as to have your personal data erased from our records, provided that their processing is no longer required.
The right to limit processing, in case you question the accuracy of your data.
The right to portability, so as to receive your data in a structured and commonly used format.
The right to objection, especially if you do not wish your data to be used for the direct marketing of our products and services, including the objection to profiling. Doctoranytime.gr allows the automatic objection to any communication sent electronically to the users who have an account on doctoranytime.gr.

In order to exercise your rights, please send a relevant written request to the Data Protection Officer of doctoranytime.gr at the e-mail address: [email protected], or the postal address: 468, Mesogeion Avenue, Agia Paraskevi, 15342, Athens, or contact them by telephone at: (+30) 215 50 50005 (option 3).

Doctoranytime.gr pledges to provide you with automated means to exercise your rights, to the extent that is technically feasible, and to meet your demands free of charge, unless your demands are frequently repeated and entail administrative costs for us due to their volume, in which case such costs shall be borne by you. Doctoranytime.gr shall make all possible efforts to respond to any relevant demand you make within thirty (30) days from its receipt. However, in case the complexity of your demand or the volume of information render your demand impossible to meet within thirty days, doctoranytime.gr shall inform you in writing within that time of the reasons for the delay, and it shall make all possible efforts to meet your demand as soon as possible, and in any case within no more than two additional months.

Doctoranytime.gr reserves the right to not meet your demand in case that is deemed manifestly unfounded or excessive, and it shall inform you on the reasons why your demand will not be met.

In any case, you have the right to submit a complaint to the Data Protection Authority, either in writing at its Office of Protocol (1-3 Kifissias Avenue, 11523, Athens) or in electronic form via its website (www.dpa.gr).

Cookies

Purpose

The primary purpose of this Policy is to provide some general guidelines on the use of cookies on the doctoranytime.gr website.

What are cookies and why do we use them?

Cookies are small text files which are stored by the browser on the computer, tablet, mobile phone, or other device which one uses to navigate the www.doctoranytime.gr website.

Each cookie contains data such as the name of the website from which it comes, its “lifespan” (that is, how long it will remain in the device), and a value, which is usually a number. A cookie may remain in a device for up to one (1) year.

Cookies are unique to each web browser (e.g. Google Chrome, Mozilla Firefox, Apple Safari, etc.) and contain anonymous data concerning the websites a user visited and the devices they used. They also allow websites to store visitors’ preferences (e.g. login data, language, etc.).

According to the law, we may store cookies in users’ devices insofar as it is absolutely necessary for the website to operate properly. For any other type of cookie, users’ permission is required, that is, we must have their consent. A user/visitor/subscriber can modify or withdraw their consent at any moment via the Cookie Notice on our website.

Paragraph 5 of article 4 of law 3471/2006, as amended by law 4070/2012, stipulates that installing cookies is allowed only if the subscriber or user has given their consent after having been clearly and extensively informed (informed consent).

This system is also known as “opt-in”, unlike the previous system of “opt-out” which was in effect until Directive 2002/58/EC was amended and allowed the installation of cookies without the subscriber’s or user’s consent, provided that the latter had been previously informed and not objected to the processing of the relevant data.

Therefore, according to the above mentioned, a web service provider (e.g. an online store) or third party (e.g. an advertising network promoting its products through an online store’s website) may install a cookie only after they have gotten the subscriber’s or user’s informed consent.

The use of cookies makes it easier for the website to memorize data regarding the users’ visits by collecting useful data on the search preferences they have already set when visiting the website in the past. Therefore, the search experience will be better the next time the user visits the website. Furthermore, cookies help review the performance of and number of visits to the website, thus improving its presentation and content in accordance with its visitors’ preferences.

Types of cookies

The types of cookies most commonly used by websites are the following:

1. Strictly Necessary Cookies

The role of these cookies is to store data or access already stored data in your device for the sole purpose of transmitting a communication via a network of electronic communications or to the extent that it is absolutely necessary for you to be provided with a service of the information community which you have explicitly requested. According to the corresponding legal framework, you do not get the option to decide whether or not you will accept the installation of these cookies, as it would be technically impossible for our website to provide services without them.

2. Performance Cookies

We use third party cookies (Google Analytics) for the sole purpose of analyzing the frequency of visits to our website and improving its performance, while taking all the appropriate technical and organizational measures to process your data securely (e.g. anonymizing the IP address). These cookies collect data on the way you use the website, for instance, which pages you visit more often, from which page you visited us, what type of browser you use, etc. Performance cookies collect aggregated, anonymous statistical data which cannot lead to the identification of the visitor on our part.

3. Advertising Cookies (Third-Party Cookies)

We use so-called third-party cookies (Google Analytics / Search console) to project personalized advertisements, adapted to your preferences. Through a unique number (ID), data such as your IP address, the browser you use, advertisements that had already been shown on your browser and whether you have accessed a website through an advertisement is identified. You have the option to object to the installation of such cookies. Our Policy includes detailed information on how these cookies operate and how you can manage them. Given that ad revenue allows us to provide our services reliably, promptly, and independently, however, we kindly ask you to accept their use by us.

When the Use of Cookies Is Unwelcome

In case you choose to deactivate cookies, parts of our website may not function adequately. For the management and deactivation of cookies, here are the relevant guidelines by browser:

MODIFICATIONS TO THIS POLICY

Doctoranytime.gr may at any moment modify its terms of use, personal data protection policy, and any condition they include by publishing a revised edition of them on our website. The visitors/users, in turn, ought to check for potential modifications every time they visit, and if they continue using our website, it is uncontestedly presumed that they accept the modified terms and conditions and give their consent, agreement, and approval. If this is not the case, they ought to refrain from using/visiting our website and using the services it offers. Any revised edition will be in effect from the moment it is posted on the doctoranytime.gr website. When changes to the personal data protection policy are published, the “last updated” date at the top of the page will also be revised by doctoranytime.gr.

CONTACT

If you have any questions regarding this Policy or the activities of doctoranytime.gr in general, you may contact us at the e-mail address: [email protected], or at the postal address: 468, Mesogeion Avenue, Agia Paraskevi, 15342, Athens, or at the telephone number: (+30) 215 50 50005, or through the Data Protection Officer of doctoranytime.gr at: [email protected], or at the telephone number (+30) 215 50 50005 (option 3).

Data Protection Policy