0744-537-377

Privacy Policy

COMMITMENT OF DENTIK SRL REGARDING THE DATA SECURITY POLICY

1. PURPOSE

Protecting the safety and security of your data personal data is important for DENTIK SRL (hereinafter referred to as DENTIK), therefore, the activities carried out by the company DENTIK SRL are in accordance with the applicable legislation regarding the protection of data safety and their security.

Personal data is treated confidentially when collected and stored.

For this purpose, DENTIK has adopted this Data Protection Policy:

By accessing this page, all users agree to comply with the Security Policy and Terms of Use of the site, as well as the legislation in force. We hope that the policy presented below will help you to understand what kind of data may be collected by DENTIK, how it is protected and used and how it may be disclosed.

2. REGULATIONS AND LEGISLATION IN FORCE

RGPD – REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data and repealing Directive 95/46/EC – The Regulation General Data Protection Regulation (hereinafter referred to as “RGPD”);

The Law for the amendment and completion of Law no. 102/2005 on the establishment, organization and functioning of the National Authority for the Supervision of the Processing of Personal Data, as well as for the repeal of Law no. 677/2001 for the protection of individuals regarding the processing of personal data and the free movement of such data;

National laws and regulations applicable to the processing of personal data.

3. DATA PROTECTION POLICY

DENTIK recognizes the importance of protecting the privacy and dignity of patients, employees and Internet users who visit the website https://excedent.ro/, ensuring that all personal data is treated confidentially when are collected and stored.

DENTIK aims to reduce the risk of breaches and ensure that all personal data is maintained and processed in a legal, fair and transparent manner, as well as ensuring the management and responsibility to facilitate compliance with data protection.

The security policy is intended to serve as a framework document, which establishes the basic principles regarding the processing of personal data, and applies to all persons within DENTIK (all employees, company administrators).

The policy is based on GDPR regulations and sets a high standard of data and privacy protection.

4. DENTIK PRINCIPLES

Through this Policy, DENTIK has successfully implemented the principles of the RGPD that it applies in the conduct of business in labor relations with employees, as well as in professional activities with patients or service providers, as follows:

Legality, fairness and transparency – the processing of personal data is based on a legal basis, which must be communicated to the person who is the subject of the collection regarding the identity of the company that carries out such processing and the purpose for which the processing is carried out.

Purpose limitation – the purpose of personal data processing is specified, explicit and legitimate and that personal data is not processed for another purpose.

Data minimization – ensuring that personal data is appropriate, relevant and limited to what is necessary for that purpose.

Data accuracy – personal data are accurate and up-to-date.

Storage limitation – personal data is stored for a reasonable period in order to fulfill the purpose for which it was collected.

Integrity and confidentiality – data is processed in a way that ensures adequate security and confidentiality of personal data and prevents unauthorized access.

Liability – the data is collected with the assumption of responsibility of the company regarding the way of processing, the purpose of the processing and the security of the way of use.

5. THE BASIS FOR THE PROCESSING OF PERSONAL DATA

Data processing is based on one of the legal grounds stipulated by the GDPR

Execution of a contract – personal data are necessary for the execution of a contract to which the person in question is a party (employment contract, service contract with patients or providers).

Legitimate interest – the interest must be balanced against the fundamental rights of individuals regarding the protection of their personal data. The processing of personal data for marketing purposes also constitutes a legitimate interest, as well as the processing of personal data necessary for the monitoring of premises or goods or for the prevention of fraud.

Legal obligation – refers to the fulfillment of legal requirements by the employer for the exercise of duties.

Consent – ​​when consent is obtained by the company for the processing of personal data, the consent constitutes a valid legal basis expressed as long as it is given: freely, intelligibly and clearly; clearly distinct from other information, active, meaning that those pre-checked boxes are not valid, for a specific purpose and revocable.

INFORMATION TO THE PERSONS CONCERNED

DENTIK ensures a fair and transparent processing and the appropriate information of the data subject, when collecting his personal data, all the information necessary to protect confidentiality.

The data subject is informed differently depending on the nature of the contractual relationship and the purpose of processing by DENTIK. In this regard, DENTIK employees were informed through the information note regarding the personal data collected, the purpose of the processing, the way in which the data is managed and secured, and also their rights. As far as DENTIK patients are concerned, they are informed about how data is collected when they request the company’s services. Information also contains the relevant information regarding the categories of data that are processed, the purpose, the way they are managed, the measures for data protection, the storage time, the people who have access to the data and also whether the data is transferred abroad.

THE RIGHTS OF PERSONS

Right of access

The data subject may request and obtain confirmation that the personal data concerning him/her are being processed and, if applicable, to obtain access to the personal data by obtaining a copy of the personal data being processed.

Right to rectification, erasure and limitation

The data subject can ask DENTIK to rectify, complete or delete the data, without undue delay, when the purpose for which the data were processed allows this and, at the same time, it is possible on the basis of the processing.

At the request of the data subject, DENTIK will delete personal data without undue delay, when data retention by DENTIK is not in accordance with the requirements of the GDPR.

The data subject can request, directly or through a written request sent to the company’s address, the limitation of the processing of his personal data by DENTIK.

The right to object

Data subjects have the right to object to the processing of personal data carried out by DENTIK, this is possible if the legal basis for such processing is the legitimate interest of DENTIK. In the event of such a request, DENTIK will stop processing the personal data of the person in question, unless there are well-founded and legitimate reasons for processing that are contrary to the interests and rights of the person in question.

The right to request a copy of the data

DENTIK provides the data subject, upon his request, with the personal data concerning him that DENTIK has collected from the data subject in a structured, frequently used and machine-readable form, in accordance with this obligation of RGPD

The right to data transfer

The data subject has the right to obtain and re-use his personal data for other purposes and in different services and, at the same time, can request that the said DENTIK company transmit his personal data directly to a new operator.

The right to withdraw consent

The data subject who has given his consent for the processing of personal data for purposes other than those for which there is legitimate interest, contractual grounds, the interest of the data subject or the interest of the operator, may withdraw the consent expressed for processing, in the same symmetrical way in which it was given.

DATA PROCESSING ON BEHALF OF DENTIK

Responsibility assumed by the DENTIK company

DENTIK processes personal data as an operator. Considering the nature of the commercial relations assumed for the provision of services by DENTIK, the data are transferred to different contractual partners in order to fulfill legal and contractual obligations.

Thus, DENTIK carries out the economic and financial management through its suppliers, companies specialized in accounting, for the exercise of legal duties. The suppliers, who support the activity carried out by DENTIK, acquire the quality of processors or agents, and process your data. in the name and interest of DENTIK. The DENTIK company has direct obligations, under the GDPR or other applicable laws, in the diligent selection of contractual partners. However, DENTIK’s responsibilities are related to how it has ensured that GDPR requirements are met.

When DENTIK acts as an operator, it will conclude a written data processing agreement with its supplier (data processor) in advance. This is the case, for example, when a DENTIK company (as an operator) outsources its IT services or accounting services to a third party provider.

Record of processing activities

Record of processing activities Records include the following categories of information:

Name and contact details of the operator;
Purpose of processing;
Categories of data subjects and personal data processed;
Categories of processing carried out on behalf of the operator;
The categories of recipients to whom the personal data could be distributed;
Cross-border data transfers;
Applicable data retention periods;
Description of security measures implemented to protect personal data.

DATA SECURITY

Security measures

DENTIK ensures appropriate technical and organizational measures to enhance the confidentiality, integrity, availability and endurance of its processing activities at all times. Also, with regard to archived data, DENTIK will ensure the anonymization or pseudonymization and encryption of personal data;

Breach of personal data

A personal data breach is the breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data that DENTIK transmits, stores or processes (e.g. a cyber attack). In the event of a personal data breach, DENTIK will report that breach to the competent data protection authority in accordance with applicable legal requirements.

If an employee of the DENTIK company is aware of a personal data breach that could generate a risk for the rights and freedoms of individuals, the company

DENTIK must immediately notify the competent data protection authority and, in some cases, also notify the data subjects. Where possible, personal data breaches must be reported to the competent data protection authority within 72 hours of detection of the breach.

INTERNATIONAL TRANSFERS

The processed data are used by the DENTIK company exclusively within the country.

ROLES AND RESPONSIBILITIES

In order to ensure the requirements of the RGPD, the legal obligations of the company and at the same time in order to facilitate communication with the persons concerned or with the national authority, DENTIK appoints Ms. Mihaela Măgureanu (email address: office@excedent.ro, phone: 0745-585-877).

Any notification, information or request regarding your data. personal, please send them directly to the attention of Mrs. Mihaela Măgureanu, by written request sent to the address

Str. Lt. Ghe. Negel, no. 24, sector 6, Bucharest or by e-mail office@excedent.ro.