At “Genekor” we are committed to respecting the Privacy of the individuals and protecting their Personal Data.
Below is our general privacy notice for the protection of the personal data of any individual which informs you about how we use and protect the personal data you submit to us or that we collect about you when you use our website or when you contact us and when you perform any of the medical tests offered by us.
We also inform you about your rights provided by the legislation regarding the protection of your personal data, i.e. the General Data Protection Regulation 679/2016 and the Greek law 4624/2019 (“L. 4624/2019”).
Separate privacy policies apply to employees, job candidates and to the collection of personal data through cookies or other recording tools as well as through recording via the Company’s Video Surveillance System.
By using our website, and the services provided by Genekor, you agree to be bound by the present Policy.
WHO WE ARE
Genekor, is considered, as per the applicable GDPR terminology, the “Data Controller” in regards to the personal data it processes. This means that Genekor determines the way and means by which it processes (i.e., collects, retains, uses, discloses) the personal information.
We are the Company « GENEKOR PRIVATE DIAGNOSTIC LABORATORY MEDICAL SOCIÉTÉ ANONYME », having its registered office at Gerakas, hereinafter referred to as “Genekor”, which is an emerging multinational company specializing in Molecular Biology and Genetics tests.
Our company details are:
GENEKOR PRIVATE DIAGNOSTIC LABORATORY MEDICAL SOCIÉTÉ ANONYME 52, Spaton Avenue
153 44 Gerakas.
Τel .: +30 210-6032138
Fax: +30 210-6032148
You can contact the person responsible for all Data Protection matters in our Company at the email address: firstname.lastname@example.org.
WHAT INFORMATION WE RETAIN ABOUT YOU AND ITS SOURCE.
Genekor is committed to protecting the privacy and security of your personal information. The term “personal data” means information, which alone or in combination with other data available to the Company can lead to your identification. Information in which any identification data have been removed and is not possible to identify you either from such information alone or in combination with any other information held by Genekor is not considered personal data (anonymous data).
Due to the Company’s business operation, sensitive personal data, known as “special categories of data” such as health data or genetic data might be processed.
The exact categories of personal data that are being processed vary depending on the role of each individual and his/her respective relationship with the company, such as:
The above data are being stored in the company records which can be electronic files, letters, prescriptions, medical referrals, e-mails, customer satisfactions forms, photos, video recordings etc.
We may have your personal information because you gave it to us yourself, or because we obtained it from another source (e.g. your referring physician or your health insurance provider if the medical diagnosis we provide is paid by the health insurance provider and we need to verify your insurance coverage), either in the context of providing our services to you or in the context of our business in general or because they are publicly available.
SUSCRIBE to our NEWSLETTER
Your subscription to our Newsletter by submitting your email address is done at your own initiative and is subject to your acceptance of the terms of our Privacy Notice. If you do not accept these terms, please do not fill in the relevant field or withdraw your participation from the list of recipients of our Newsletter.
By submitting your e-mail to our Newsletter service, Genekor as the Data Controller can use your personal data for marketing purposes and process it as follows:
To protect your rights and to ensure that you have control over how we manage our marketing activities addressed to you:
Company CCTV System or other Access Control Systems
In the course of our business operation and mainly for reasons of security and protection of our premises and of the Company employees, customers, associates, third-parties, as well as the Company assets, the Company monitors its facilities and premises through electronic means such as cameras at the entry/exit points around the perimeter or in the staircase of its buildings or access control systems in critical areas. This might have as an indirect consequence, to record the movements of incoming visitors, employees, partners etc.
The data recorded through these systems are retained in accordance with the legislation, while the access to them is very limited and is given only when there is a specific need (theft or other security incident, etc). For more information, about the use of the Video Surveillance System by our Company, please see the “Privacy Notice for the Processing of Personal Data through the Video Surveillance System”.
FOR WHAT PURPOSES DO WE USE YOUR PERSONAL INFORMATION
We process your personal information in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and Greek Law 4624/2019 as well as any other applicable legislation in order to:
HOW DO WE PROCESS YOUR PERSONAL INFORMATION
In compliance with the provisions of the Regulation, we process your personal data in accordance with the following data protection principles:
LEGAL BASIS FOR PROCESSING
According to the GDPR the processing must be performed on a specific legal basis, as in we need a real reason to collect, store, use and disclose your personal information.
Our legal basis for processing your personal information might be one or more of the following:
We do not wish to collect personal data from children without their parents’ or guardian’s consent. If you are under 16, please obtain the consent of your parents or guardian before giving any information.
TO WHOM WE DISCLOSE YOUR PERSONAL DATA
Your personal data is disclosed internally in our company, between its various departments in order to produce the desired result and to receive the service you have requested from us. This internal disclosure is done in a secure way and based on a need to know basis. Genekor’s personnel is subject to an obligation of Confidentiality through a specific Confidentiality Agreement.
We may also share to and receive your personal information from third parties, individuals or legal entities. This category includes hospitals, pathological laboratories, referring doctors.
Furthermore, your personal information may be disclosed by our company to a third party, in order for the third party to provide a service to us or directly to you, e.g. a company that provides us with tax and accounting services, the company that manages our website or our results portal and our consultants (including financial, legal and other advisors) within the context of the legal operation of our Company. These service providers are known as “data processors” and also have a legal obligation under GDPR and towards Genekor to protect your personal data and to use it only to provide the agreed service.
Your personal information may also be disclosed to third-parties, such as employment agencies, insurance companies or companies and other regulators.
Except in the above cases, your information will not be transferred or disclosed to third-parties for marketing or other purposes.
TRANSFER OF DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA (E.E.A.)
We process your personal data at our operating offices and in any other place where the parties involved in the processing, such as our subcontractors, are located. Depending on the data subject’s location, data transfers may involve transferring the data subject’s data to a country other than their own. If such transfers take place to a third country outside of the E.E.A. and the third country does not provide an adequate level of security of the personal data, the personal data can be transferred to that country only if the protection of data is guaranteed by a data transfer agreement which ensures an adequate level of protection or if the conditions explicitly provided by European and national law are met.
FOR HOW LONG DO WE KEEP YOUR DATA
We will retain your personal information only for as long as it is necessary to fulfill the purposes for which we collected it, but also for as long as it is required in order to meet any legal, accounting or other obligations.
Personal data collected for purposes related to the execution of a contract between the Company and the data subjects will be retained until the said contracts are terminated and we have no obligation to retain it for a longer period of time in compliance with our tax or accounting obligation. Personal data collected for purposes relating to our legitimate interests will be retained for as long as it is necessary in order to fulfill those purposes. We may be entitled to retain personal data for longer period of time whenever the data subjects have given their consent to such processing, provided that the consent in question has not been revoked or until the data subjects have asked us to delete or modify the personal information stored by us.
We may anonymize your personal information so that it can no longer lead to your identification, so that we can use them without having to inform you further, for statisitical purposes or in the context of scientific research.
As soon as you will no longer need services from us, we will safely maintain and then destroy your personal information, according to our data retention schedule.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period. Any statistical data contained in our analyzes and reports will continue to be subject to use or publication as long as they contain only anonymous data.
DATA ACCURACY AND YOUR RESPONSIBILITIES
It is important that the personal information we hold about you is accurate and up to date. For this reason, please let us know as soon as possible if any of your information changes or is incorrect during our cooperation.
By virtue of the GDPR you have the following rights under certain conditions:
For further information about your rights and in order to exercise them, please contact email@example.com or the Company DPO at the email address: firstname.lastname@example.org. Such requests are free of charge and we will respond to you as soon as possible. Generally, your requests will be answered within one (1) month from the time we received your request, but if the request requires more time, we will inform you accordingly (within the said one (1) month). Please note that we may request further information to confirm the identity of the person concerned.
Exercising your rights is with no charge. However, in the event of manifestly unfounded or excessive claims, even due to their recurrence, the Company may charge you a reasonable fee, in view of the administrative costs in order to habdle your claim, or will deny the satisfaction of your request.
You can chose whether or not you want to receive information from us. We will not contact you for marketing purposes via e-mail, telephone or text message unless you have given your prior consent. We will not contact you via email for direct marketing purposes if you have declared to us that you do not wish to be contacted. You can change your preferences at any time by contacting us through e-mail at email@example.com or by calling us at 210-6032138.
QUESTIONS OR COMPLAINTS
Any questions about the present Privacy Notice and our general privacy practices should be sent to the email address: firstname.lastname@example.org or the person responsible for all Data Protection matters in our Company (DPO) at the email address: email@example.com or by writing to GENEKOR PRIVATE DIAGNOSTIC LABORATORY MEDICAL SOCIÉTÉ ANONYME, 52 Spaton Avenue, 15344 Gerakas Attica. Alternatively, you can call us at 210-6032138.
You also have the right to submit your complaint at any time to the Hellenic Data Protection Authority, the Greek Supervisor Authority for any data protection related matters. Hellenic Data Protection Authority, 1-3 Kifisias av. 115 23 Athens, tel: 2106475600 Website for complaints: www.dpa.gr
CHANGES TO THE PRESENT PRIVACY NOTICE
We regularly review this Privacy Notice and therefore we may amend it at any time in order for example to comply with any new legal or technological requirements imposed to us by the applicable legislation or in order to include new Services that we might provide. If significant changes are made to the use of your personal data (as defined herein) in a manner other than what has been stated to you at the time of collection, we will make every effort to inform you either by updating our Website or by sending it to your relevant e-mail and where required by applicable law we will ask for your consent.
The present Privacy Notice was last updated in November 2022.