Personal Data Protection in accordance with the provisions of article 13 and 14 of the General Data Protection Regulation 2016/679 (GDPR)

In the above document you will find information on the processing of personal data in the Retina Outpatient Clinic and Hospital.
They were prepared in accordance with the provisions of Article 13 and 14
of the General Data Protection Regulation 2016/679 (GDPR).

 

A) Information for patients on the processing of their personal data in the Retina Outpatient Clinic and Hospital

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and what is the legal basis for personal data processing in our facility:

Patients’ personal data can be processed for the following purposes:

– providing health services and keeping medical records,
– verification of entitlements and settlement of healthcare services provided,
– communicating on matters related to the coordination of providing services, including e.g. the organization of providing services, assessment of the patient’s well-being after providing the service, patient satisfaction survey,
– performing other auxiliary activities in the provision of health services, including providing a website functionality for making appointments, as well as activities related to the maintenance of the ICT system, based on the provisions of Article 6 par. 1 items b and c (for patients admitted commercially) and Article 9 par. 2 item h of the General Data Protection Regulation 2016/679 (GDPR), Article 3 of the Act on Medical Activity and Article 24 of the Act on Patients’ Rights and the Patient’s Rights Ombudsman,
– marketing purposes, receiving commercial information, electronically receiving a feedback survey on the provision of services, based on the patient’s consent (Article 6 par. 1 item a of the General Data Protection Regulation 2016/679 (GDPR)).

The scope of providing personal data is related to the conclusion of a contract for the provision of health services, is voluntary, and is a prerequisite for the conclusion of the contract. Providing personal data to the extent to which they relate to the provision of health services, including the keeping of medical records, is a statutory requirement and is necessary for the proper provision of health services.

Providing personal data to the extent to which they relate to marketing purposes, receiving commercial information, and receiving an e-mail survey regarding the submission of feedback on the provided benefits is voluntary.

Who can be the recipient of personal data:

Personal data of the patients of the Retina Outpatient Clinic and the Ophthalmology Hospital may be transferred to:

– medical operators cooperating with the Retina Outpatient Clinic and Ophthalmology Hospital to ensure continuity of treatment and availability of health services,
– technical and organizational service providers, which enable the provision of health services and medical records, in particular to ICT providers, suppliers and service technicians of medical equipment and courier and postal companies,
– persons authorized to obtain information about health and the planned and provided health benefits, as well as those authorized to obtain medical documentation,
– entities authorized under the law,
– providers of legal and advisory services and those supporting the Retina Outpatient Clinic and Ophthalmology Hospital in the recovery of due claims or defense of rights (law firms and debt collection companies).

How long personal data can be stored:

To the extent to which they relate to the conclusion of a contract for the provision of health services, the patients’ personal data are kept for the limitation period for possible claims.

The patient’s personal data collected in medical records are stored for the required period of storage for medical records, as required by law.

What rights are available to patients in relation to the processing of personal data in our facility:

Patients have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data.

If the processing of personal data is based on the patient’s consent, the patient has the right to withdraw their consent at any time without affecting the legality of the processing carried out based on the consent prior to withdrawal.

The right to request rectification, deletion or restriction of the processing of personal data and the right to object to the processing of data contained in the medical documentation is vested in the patient unless it violates the Controller’s obligation to store medical records.

Where the patient may lodge a complaint to the supervisory authority:

Patients have the right to submit a complaint to the supervisory authority at the address:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data of patients at the Retina Outpatient Clinic and the Ophthalmology Hospital are not subject to automated decision-making, including profiling.

 

B) Information on the processing of personal data for persons authorized to obtain information about the health of the patient, and persons authorized to obtain medical records at the Retina Outpatient Clinic and Ophthalmology Hospital

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Opthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

Personal data of authorized persons are processed in order to implement the authorization to obtain information about the patient’s health, and the planned and provided health services, and to obtain medical documentation, based on the provisions of Article 6 par. 1 item c and d and Article 9 par. 2 item h of the General Data Protection Regulation 2016/679 (GDPR) and § 8 par. 1 of the Regulation of the Minister of Health of 9 November 2015 on the types, scope and templates of medical documentation and the way of its processing. Providing personal data is voluntary but necessary to implement the authorization.

What are the categories of personal data being processed:

The following personal data of authorized persons are processed: name, phone number or address.

Information about recipients of personal data:

Personal data of patients of the Retina Outpatient Clinic and the Ophthalmology Hospital may be transferred to entities authorized under the law and to technical and organizational service providers, which enable the provision of health services and medical records, in particular to ICT providers and courier and postal companies.

Period during which personal data will be stored

The personal data of authorized persons are kept for the period required by law for storing medical records, or until the patient’s authorization is withdrawn.

Rights of authorized persons in relation to the processing of personal data:

Patients have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data.

Information on the right to lodge a complaint with a supervisory body

Authorized persons have the right to submit a complaint to the supervisory authority:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data of authorized persons are not subject to automated decision-making, including profiling, at the Retina Outpatient Clinic and the Ophthalmology Hospital.

C) Information for employees and for candidates on the processing of personal data at the Retina Outpatient Clinic and Ophthalmology Hospital

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

The personal data of employees in our facility are processed in connection with all activities in the field of labor law on the basis of consent (Article 6 par. 1 item c and the General Data Protection Regulation 2016/679 (GDPR)), as well as the provisions of the Act on the Labor Cod. Providing personal data is obligatory, and such an obligation follows from the Act.

Personal data of job candidates are processed in order to conduct the recruitment process and establish a work relationship based on consent (Article 6 par. 1 item i of the General Data Protection Regulation 2016/679 (GDPR)). Providing personal data is voluntary but necessary to achieve the purpose.

Information about recipients of personal data:

Personal data of employees and new job candidates may be provided to entities authorized under the law and to providers of technical and organizational services, in particular ICT services, and courier and postal services, as well as to the basic occupational medicine facility.

Personal data of job candidates may be provided to entities authorized under the law and to providers of technical and organizational services, in particular ICT services, and courier and postal services, as well as to the basic occupational medicine facility.

What is the period of storing personal data of employees and job candidates:

The employees’ personal data at Retina Outpatient Clinic and Ophthalmology Hospital is kept for the period required by applicable law for storing employee documentation.

Personal data of job candidates are kept until the end of the recruitment process for persons who have consented to the processing of their personal data for the needs of a given recruitment process, and for one year counted from the last day of the year, in which the candidate entrusted their data to our facility, in the case of those who agreed to the processing of their personal data for the purposes of future recruitment processes.

What is the right of employees and job candidates in connection with the processing of their personal data:

Employees of the Retina Outpatient Clinic and the Ophthalmology Hospital have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data.

Job candidates have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data. Job candidates have the right to withdraw their consent at any time without affecting the legality of the processing carried out based on the consent prior to withdrawal.

Where to submit a complaint to the supervisory authority:

Employees and job candidates at the Retina Outpatient Clinic and Ophthalmology Hospital are entitled to file a complaint to the supervisory authority at the following address:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data of employees and job candidates at the Retina Outpatient Clinic and Ophthalmology Hospital are not subject to automated decision-making, including profiling.

 

D) Information on the processing of personal data for persons concluding a civil law contract with the Retina Outpatient Clinic and Ophthalmology Hospital, or employees and persons representing the entity concluding a civil law contract (contractors) with the Retina Outpatient Clinic and Ophthalmology Hospital

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

Personal data of all contractors of the Retina Outpatient Clinic and Ophthalmology Hospital are processed for the purpose of implementing civil law contracts, pursuant to the provisions of Article 6 par. 1 item b and c of the General Data Protection Regulation 2016/679 (GDPR).

Providing personal data is voluntary though necessary to achieve the purpose.

Information about recipients of personal data

Personal data of contractors of the Retina Outpatient Clinic and the Ophthalmology Hospital may be transferred to entities authorized under the law and to technical and organizational service providers, in particular telecommunications services, courier and postal services, as well as legal and advisory service providers and those supporting our facility in pursuing due claims or defense of rights, in particular, law firms and debt collection companies.

How long personal data can be stored:

The personal data of contractors of the Outpatient Clinic and the Ophthalmology Hospital are kept for the period necessary to achieve the purpose, including for accounting and tax purposes, in accordance with applicable law.

Rights of clients in relation to the processing of personal data:

Contractors of the Retina Outpatient Clinic and the Ophthalmology Hospital have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data.

If the processing of personal data is based on the contractor’s consent, the contractor has the right to withdraw their consent at any time without affecting the legality of the processing carried out based on the consent prior to withdrawal.

Where to submit a complaint to the supervisory authority:

The contractors of the Retina Outpatient Clinic and the Ophthalmology Hospital are entitled to file a complaint to the supervisory body at the following address:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data of customers and suppliers of the Retina Outpatient Clinic and Ophthalmology Hospital are not subject to automated decision-making, including profiling.

 

E) Information on the processing of personal data for persons contacting the Retina Outpatient Clinic and Ophthalmology Hospital by phone, registration forms, via e-mail or traditional mail, i.e. clients

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

Personal data of all clients of the Retina Outpatient Clinic and Ophthalmology Hospital are processed in order to maintain current and updated correspondence, provide answers to questions asked, provide information on the prices of services, and the services themselves at the Retina Outpatient Clinic and Ophthalmology Hospital, as well as communicating on other matters based on the provisions of the Article 6 par. 1 item f of the General Data Protection Regulation 2016/679 (GDPR) or on the basis of the client’s consent (Article 6 par. 1 item a of the General Data Protection Regulation 2016/679 (GDPR)).

Providing personal data is voluntary though necessary to achieve the purpose.

Information about recipients of personal data:

Personal data of all clients of Retina Outpatient Clinic and Ophthalmology Hospital may be transferred to technical and organizational service providers, in particular ICT providers and courier and postal services.

How long personal data can be stored:

Personal data of all clients of the Retina Outpatient Clinic and the Ophthalmology Hospital will be kept for as long as is necessary to achieve the purpose.

Rights of clients in relation to the processing of personal data:

All clients of the Outpatient Clinic and the Ophthalmology Hospital have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data. If the processing of personal data is based on the client’s consent, the client has the right to withdraw their consent at any time without affecting the legality of the processing carried out based on the consent prior to withdrawal.

Where to submit a complaint to the supervisory authority:

All clients of the Outpatient Clinic and Ophthalmology Hospital have the right to submit a complaint to the supervisory body at the following address:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data of customers and suppliers of the Retina Outpatient Clinic and the Ophthalmology Hospital are not subject to automated decision-making, including profiling.

 

F) Information on the processing of personal data for marketing purposes at the Retina Outpatient Clinic and Ophthalmology Hospital

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

Personal data may be processed for marketing purposes, sending commercial information, receiving online survey forms to provide feedback on the provided benefit or service at the Retina Outpatient Clinic and Ophthalmology Hospital based on consent (Article 6 par. 1 item a of the General Data Protection Regulation) 2016/679 (GDPR)). Providing personal data is voluntary but necessary to achieve the purpose.

Information about recipients of personal data

Personal data processed for marketing purposes may be transferred to technical and organizational service providers, in particular ICT providers and courier and postal services.

How long personal data can be stored:

Personal data processed for marketing purposes is stored until the consent for processing is withdrawn.

What is the right of patients/clients in relation to the processing of personal data:

Persons whose data is processed for marketing purposes have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data. Persons whose data is processed for marketing purposes have the right to withdraw their consent at any time without affecting the legality of the processing carried out based on the consent prior to withdrawal.

Where to submit a complaint to the supervisory authority:

Those whose data is being processed for marketing purposes in the Retina Outpatient Clinic and Ophthalmology Hospital have the right to submit a complaint to the supervisory body as follows:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
tel. 22 531 03 00
fax 22 531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data processed for marketing purposes are not subject to automated decision-making, including profiling, at the Retina Outpatient Clinic and the Ophthalmology Hospital.


G) Information for people staying at the Retina Outpatient Clinic and Ophthalmology Hospital facilities (at ul. Gimnazjalna 1 and Cieszkowskiego 1/3, room 79/80) in the video monitoring system, regarding the processing of personal data

Who is the Controller in the Retina Clinic and Ophthalmology Hospital:

Retina Okulistyka Sp. z o.o., Sp. km
ul. Gimnazjalna 1
01-364 Warsaw
NIP 7010343001
tel. 22 664 44 33
tel. 22 869 41 19
tel. 693 722 448
fax. –
retina@retina.pl
www.retina.pl

Who is the Data Protection Officer in the Retina Clinic and Ophthalmology Hospital:

In all matters related to the protection of personal data in the Retina Outpatient Clinic and Ophthalmology Hospital, you can contact the Data Protection Officer: e.chojnowska@retina.pl

What is the purpose of personal data processing and the legal basis for their processing:

The personal data in the video monitoring system are processed in order to ensure the safety of persons and property, including to secure medical records and other information, based on the provisions of Article 6 par. 1 item c, d and f and Article 9 par. 2 item h of the General Data Protection Regulation 2016/679 (GDPR), and ensuring the possibility of constant observation of patients from the level of medical registration and reception in relation to separate hospital rooms, based on the provisions of the Regulation of the Minister of Health of 22 November 2013 on guaranteed services in hospital treatment. Providing personal data is required to stay at the Retina Outpatient Clinic and Ophthalmology Hospital, and is necessary to achieve the purpose.

What are the categories of personal data being processed:

The following are processed in the video monitoring system: images of people, dates and times of recording, vehicle registration numbers.

Information about recipients of personal data

Personal data processed in the video monitoring system may be transferred to entities authorized under the law.

Period during which personal data will be stored:

Personal data processed in the video monitoring system are stored for no longer than three months. In the case where video recordings are evidence in the proceedings or the controller realizes that they can be evidence in the proceedings, the storage period may be extended until the final conclusion of such proceedings.

What is the right of persons staying at the Retina Outpatient Clinic and Ophthalmology Hospital facilities in relation to the processing of personal data:

Persons whose personal data is processed in the video monitoring system have the right to request access to their personal data, to rectify them, delete or restrict their processing or to object to their processing, as well as the right to transfer data.

Where to submit a complaint to the supervisory authority:

Persons whose image and personal data are processed in the video monitoring system have the right to submit a complaint to the supervisory body as follows:

Office of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warszawa
tel. 22 531 03 00
fax. 22,531 03 01
kancelaria@giodo.gov.pl
www.giodo.gov.pl

Office opening hours: 8.00 – 16.00

Personal data processed in the video monitoring system are not subject to automated decision-making, including profiling, at the Retina Outpatient Clinic and the Ophthalmology Hospital.


Retina Ophthalmological Outpatient Clinic and Hospital in Warsaw is a modern medical facility with an excellent and experienced team of specialized physicians – including pediatric ophthalmologists. Retina opened in 2004. Since that time we have performed over 10,000 eye surgeries, hundreds of angiographic tests and ultrasounds, and have had over 15,000 patients.

The name of our hospital comes from Greek. Retina is an inner coat of the eyeball responsible for vision. A Patients’ ability to see is the most important for us, ophthalmologists. Knowledge and many years of experience help our team to achieve that goal.

We are unique in our non-standard approach to eye diseases, innovative solutions and patient-friendly approach. Knowledge and experience are not enough and need to be supported by tests, which we perform on the most up-to-date equipment.

ISO 9001:2015