Data Handling & Privacy Policy
Swedish MedCare is committed to providing quality services to clients and cooperation partners and this policy outlines our ongoing commitment to clients and cooperation partners in respect of how we manage their Personal data.
Client means any natural person who uses, has used or has expressed a wish/intention to use or is in other way related to any of the services provided by Swedish MedCare.
We have adopted this Privacy Policy that governs the way in which we process Personal data. Data processing means: any operation carried out with Personal data (incl. collection, recording, storing, usage, alteration, grant of access to, making enquiries, transfer, disclosure, erasure etc.).
When you contact us with your request, we process personal data about you in order to be able to process your order, for promotional purposes, and for some additional purposes. Learn more about what purposes we process your personal data for and about your rights pursuant to the data protection legislation within this document text. If you do not want us to process your personal data, you will unfortunately be unable to submit information requests or order services from us.
General Provisions
These Principles describe how Swedish MedCare Processes Personal data on a general level. Specific details on the Processing of Personal data might be also described in agreements, other service related documents and on Swedish MedCare webite: www.swedishmedcare.com.
We will only process the personal data about you that is necessary for the purposes as specified in sections below. In addition, we have procedures for how we store and remove identifying information from personal data in order to continuously ensure that your personal data is sufficient and relevant at all times.
Swedish MedCare ensures, within the framework of applicable law, the confidentiality of Personal data and is implementing appropriate technical and organisational measures to safeguard Personal data from unauthorized access, unlawful Processing or disclosure, accidental loss, modification or destruction.
Swedish MedCare may use authorised processors for processing Personal data, the cooperation with which is regulated by the law and agreements.
When you use our website, we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specifically provide this to us.
What is personal data?
Personal data is information that identifies an individual; any information related to an identified or identifiable natural person.
Sensitive Data
Sensitive information is defined in the Privacy Act to include information or opinion about such things as health information.
Sensitive information will be used by us only:
-
For the primary purpose for which it was obtained
-
For a secondary purpose that is directly related to the primary purpose
-
With your consent; or where required or authorised by law.
Personal health information is spoken or written information that:
-
relates to the physical or mental health of the individual, including the individual’s and family medical history
-
relates to the individual’s health care
-
relates to the individual’s health care payments or eligibility for health care
-
relates to an individual’s donation of any body part or bodily substance, derived from testing of such body part of substance
-
is the individual’s health card number
-
identifies a provider of health care to the individual
-
identifies a substitute decision maker of the individual
Where the data is obtained from
The information is obtained directly from you when you provide these to us via an online form or by email, for example, if you:
- submit a general enquiry via our contacts page;
- send a written enquiry to our e-mail.
Personal data is obtained in other ways including: interviews, correspondence, by telephone and facsimile, by email, via our website www.swedishmedcare.com, from media and publications, from other publicly available sources, from cookies and from third parties. Personal data may be collected from the Client’s use of the services and from external sources such as public and private registers or other third parties. Taking into account that most of our services are cross-border services and involves exchange of information between different information providers and recipients, please be aware, that in order to provide quality services we might obtain from or need to give your data to external service provider (e.g., laboratory, diagnostic center, doctors etc). These service providers might obtain data from their supported data bases. We all are aware that there might be cases when it is difficult to exclude some parts of information because in many cases information (documents) issued are according to local medical or other standard and documentation contains a lot of details and information, many details might be of importance while evaluating the health condition to enable to deliver the quality service according to your request. Therefore, providing the information we request (usually on other’s behalf) is necessary so that we will be able to enter into an agreement with you and deliver the required service/answer.
When you use our website, our Internet Service Provider (ISP) will record and log for statistical purposes the following information about your visit: your computer address; your top level name (for example, .com, .eu, .gov, .org, .se etc); the date and time of your visit; the pages and documents you access during your visit; and
the browser you are using.
Our web-site management agent may use statistical data collected by our ISP to evaluate the effectiveness of our web-site.
Why do we process your data?
We process your data with the primary aim to:
-
Manage customer relations in general and based on your request provide our services to you. Administrate access to services, deliver quality services. That includes collecting precise and sufficient information to enable all the required parties to give their required opinion to evaluate the case and determine required scope of the services to achieve objectives of the client.
Other purposes and basis for your data processing:
-
comply with legal obligations and verification of identity to comply with applicable law, for example to verify identity based on performance of an agreement or in order to take steps at the request of the client
-
plan, administer and manage our internal operations and involvement of the third parties.
-
Get or organise payment from insurance companies or other third parties if those are involved in the particular case business model.
-
conduct risk management activities.
-
Provide additional services, perform customer surveys, ask for references, carry out market analyses and statistics, improve the client’s user experience of services and to develop new products and services. Even when the data is processed for marketing purposes, it is based on a balancing of interests where we assess that our interest in marketing our products to you is such a legitimate interest that means that the processing is permissible or ensured by the third party (technological solution) privacy policies.
-
protect interests of Swedish MedCare.
Ground for your data processing is:
-
Your request/contract on service delivery.
-
Your consent. Since processing of sensitive data might be involved, your written consent is mandatory in order to enable us to deliver the services for you.
-
Implementation of the requirement of legislation /legal acts. We may collect and process your personal data to fulfil legal obligations, for instance the obligation to keep accounting records, to the extent and during the time period as specified by law.
-
SMC legitimate interest fulfilling /protection.
Which personal data we process about you
Initially we will process all of the personal data you provide to us in connection with your information/service request. For initial request and case review, to evaluate our ability to provide you the service you need -the minimal information, such as your contact details (e-mail/phone number) might be required. When you order our services you enter into an agreement with us and then additional information is gathered in order to deliver you the services and correspond the regulatory requirements.
Personal data categories, which Swedish MedCare obtains and processes:
Who is responsible for the processing
This privacy Policy is the general policy for all the Swedish MedCare company group companies (branches, or any legal entities belonging to SIA “Swedish MedCare Holding”).
AS “Swedish MedCare” is the general data controller within Swedish MedCare company group in relation to the data processing and is processing the primary incoming data (client requests).
In the cases of further interaction with the client/cooperation partner communication and discussion might be forwarded to respective Swedish MedCare company group company, specialised in the matter of interest.
In this policy Swedish MedCare (SMC) as Swedish MedCare company group and also as each of the group companies is referred to as “We” and you who send information requests or order services from us, or who have shown an interest in ordering services or establishing cooperation with us, are referred to as “You”.
Where is your personal data stored
Your personal data is stored primarily in IT infrastructure provided by one of our personal data processors. The personal data is processed and stored primarily within the EU/EEA, with the exceptions set out below.
Disclosure of personal data
Your Personal data may be disclosed in a number of circumstances including the following:
-
Third parties where you consent to the use or disclosure; and
-
Where required or authorised by law.
Third parties. Recipients of personal data
The primary data and service request we will obtain from you.
Your personal health data might and in many cases will be shared with other health care professionals and medical services providers involved in your case/your service request fulfilment to deliver a quality service to you and reach the goals set by you (in most cases –obtain maximum information about health condition).
Personal data, including health data, is shared in minimum possible amount only within the scope of service provision for the client or according to the law requirements, with other recipients, such as
-
Authorities (such as law enforcement authorities, bailiffs, notary offices, tax authorities, supervision authorities and financial intelligence units).
-
Swedish MedCare company group companies (in case involvement of these companies is required for their specific service provision)
-
financial institutions, insurance service providers and intermediaries of financial services,
-
auditors, legal and financial consultants, or any other processor authorized by Swedish MedCare.
-
third parties maintaining registers (such as to population registers, commercial registers, securities registers or other registers holding or intermediating Personal data).
-
debt collectors upon assignment of claims, courts, out-of-court dispute resolution body and bankruptcy or insolvency administrators.
-
other persons related to provision of services of Swedish MedCare such as providers of archiving, postal services, providers of services rendered to the Client, when the Client orders e-invoices for these services, health care institutions and medical service providers (hospitals, laboratories, clinics, doctor’s practice etc.), other authorized parties related to services provision.
In all the cases during interaction with third parties information is treated as confidential by all possible means and available technological solutions.
Security of personal data. Retention period
Your Personal data is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
Personal data will be processed no longer than necessary. When your Personal data is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal data.
The retention period may be based on agreements with the Client, the legitimate interest of Swedish MedCare or applicable law (such as laws related to bookkeeping, civil law, etc). Thus most of the Personal data is or will be stored in client files which will be kept by us for a minimum of 3 years.
Sensitive data regarding the health will be kept maximum 18 months, unless you indicate other term. After that term the data is erased.
Clients' rights as data subjects
A client/cooperation partner (data subject) has rights regarding his/her data processing that is classified as Personal data under applicable law.
Such rights are in general to:
-
Require his/her Personal data to be corrected if it is inadequate, incomplete or incorrect.
-
Object to processing of his/her Personal data, if the use of Personal data is based on a legitimate interests, including profiling for direct marketing purposes (such as receiving marketing offers or participating in surveys).
-
Require the erasure of his/her Personal data, for example, that is being processed based on the consent, if he/she has withdrawn the consent. Such right does not apply if Personal data requested to be erased is being processed also based on other legal grounds such as agreement or obligations based on applicable law.
-
You may also request that the processing of your personal data be limited (frozen) if in your opinion the personal data we are processing is not correct, if the processing would be unlawful/illegal, if we no longer need to retain or process the data but if you, despite this, still need them in order to be able to make a legal claim or if you have opposed the processing, and until we have dealt with your objections.
-
You are entitled to obtain the personal data about you that you provided to us in a structured, widely-used and machine-readable format in order to be able to transfer this information to another data controller. This applies only to the information you yourself have provided to us, and only when the processing is based on your consent or for the purpose of being able to fulfil an agreement with you. If you want to obtain your personal data in this manner, please contact us.
-
Receive information if his/her Personal data being processed by Swedish MedCare and if so then to access it. You may request (in writing) us to provide information on what Personal Data do we hold about you. In order to protect your Personal data we may require identification from you before releasing the requested information.
-
Receive his/her Personal data that is provided by him-/herself and is being processed based on consent or in order to perform an agreement in written or commonly used electronical format and were feasible transmit such data to another service provider (data portability).
-
Withdraw his/her consent to process his/her Personal data.
-
Lodge complaints pertaining to the use of Personal data to the Data Protection Authority at www.dvi.gov.lv if there is a concern that Processing of his/her Personal data infringes his/her rights and interests under applicable law. We follow that your personal data is always processed in a proper and secure manner, therefore if you have any comments about our handling or processing of personal data, please feel free to contact us.
-
Other rights according to the regulations
Policy Updates
Swedish MedCare is entitled to unilaterally amend the principles at any time, in compliance with the applicable law, having at all times the latest version published on Swedish MedCare website.
Cookies
A "cookie" is a device that allows our server to identify and interact more effectively with your computer. Cookies do not identify individual users, but they do identify your ISP and your browser type.
This website uses temporary cookies. This means that upon closing your browser, the temporary cookie assigned to you will be destroyed and no personal information is maintained which will identify you at a later date.
Personal information such as your email address is not collected unless you provide it to us. We do not disclose domain names or aggregate information to third parties other than agents who assist us with this website and who are under obligations of confidentiality. You can configure your browser to accept or reject all cookies and to notify you when a cookie is used. We suggest that you refer to your browser instructions or help screens to learn more about these functions. However, please note that if you configure your browser so as not to receive any cookies, a certain level of functionality of the Swedish MedCare website and other websites may be lost.
Policy enquiries. Contact details.
If you have any enquiries, withdrawal of consents, requests to exercise data subject rights and complaints regarding the use of Personal data or other questions about our Privacy Policy please contact us at:
Swedish MedCare
Lacplesa iela 27-2, Riga, LV-1011, Lettland