GDPR
Information on the processing of personal data for customers of laboratory services of Hola Biolabs s.r.o.
Dear customers,
registering in our booking system and undergoing the collection of biological material required for the the result of the laboratory service, you have given us your personal data. Our company has thus become the controller of your We always handle this data responsibly and in accordance with the Regulation of the European Parliament and of the Council of the EU No 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data movement of such data and repealing Directive 95/46/EC ("GDPR").
Who is who in terms of "GDPR"?
Data Controller: Hola Biolabs s.r.o., ID 09411623, Bezručova 17a, 60200 Brno, tel. +420 511 205 344, info@hola-biolabs.com
Privacy Officer: Mgr. Daniela Čecháková, daniela.cechakova@hola-biolabs.com
Data subject: in this case, it is the customer who receives the laboratory test at Hola Biolabs s.r.o. for direct payment or through payment by a health insurance company and whose personal data is handled.
Which of your personal data do we process?
- identification data (name, surname, sex, date of birth, birth number, nationality, passport number for travel passport)
- public health insurance number
- information about your medical condition related to the laboratory test
- contact details (contact address, e-mail and telephone)
Why we need your personal data?
We process your personal data to the extent necessary for the purpose of:
- provision of a health service paid for by a health insurance company
- provision of services on the basis of a customer contract
- fulfilling the obligations imposed on health service providers by generally binding legal regulations (keeping medical documentation and reporting of covered health services to health insurance companies, providing data to statutory health registers, health stations, reporting to disease registers provided for by law)
- compliance with tax and accounting obligations
- own organisation of the provision of health services (e.g. ordering patients)
- offers of related laboratory services provided by Hola Biolabs s.r.o. (can be refused)
When we need your written consent?
If we record your personal data beyond the above, we will ask for your written consent (e.g. volunteer volunteer in a research study).
On what legal basis do we process your personal data??
Processing is necessary:
- for the performance of a contract to which the data subject is a party or for the implementation of measures taken before the conclusion of the contract at the request of the data subject himself (laboratory tests for self-payers)
-
to comply with the legal obligations imposed on us as a provider of health care services and administrator and
processor of personal data (in the case of laboratory testing of patients) arising from:
- Act No. 372/2011 Coll., on health services and conditions of their provision
- Decree 98/2012 on medical documentation
- Act No. 48/1997 Coll., on public health insurance
- for the purposes of the legitimate interests of the controller, except where those interests are overridden by the interests or fundamental rights and freedoms of the data subject, in particular where the data subject is a child (e.g. defending legal claims of Hola Biolabs)
- to perform a task in the public interest, e.g. pursuant to Act No. 205/2020 Coll. (Act amending Act No. 258/2000 Coll., on the protection of public health and amending certain related acts, as amended)
- if the customer/patient has given consent to the processing of his/her personal data for one or more specific purposes (e.g. scientific research)
To whom we transfer your personal data?
We only pass on your personal data to the extent necessary so that the results of your laboratory test to your satisfaction. Our contractors with whom we are have entered into a written confidentiality agreement for the processing of your personal data. We also transfer your personal data in in accordance with the law to your health insurance company in the case of reimbursement by the insurance company and to public authorities in accordance with the law. We do not transfer your personal data abroad.
How long we keep your personal data?
We retain your personal data for the necessary period of time required by applicable law, specifically:
- personal data stored in medical records - for 5 years in accordance with Decree No. 98/2012 Coll., as amended
- tax documents - according to the legal regulations in relation to accounting and tax obligations for up to 10 years
- contact details for sending commercial communications - for a maximum period of 3 years from the conclusion of the contractual relationship, if the customer has not opted out of receiving
After the expiry of the statutory time limits, we dispose of all data.
What are your data protection rights?
- Right of access to personal data You have the right to access the personal data we process about you.
- Right to information about the processing of your personal data You have the right to information about how your personal data is processed personal data, including information about how long it will be stored.
- Right to rectification You have the right to request rectification of inaccurate personal data.
- Right to erasure You have the right to request the erasure of the personal data processed (however, the erasure of the data must not conflict with legal provisions).
- Right to withdraw consent If the processing of personal data is based on your consent, you may withdraw such consent at any time and prevent further processing for the purpose stated in that consent. However, by withdrawing your consent does not affect the lawfulness of the processing in the period prior to its withdrawal.
- Right to object You have the right to object to the processing of your personal data. The legitimacy of the objection will be thoroughly examined.
- Right to restriction of processing You have the right to request that we restrict the processing until we have resolved your objections (even knowing that this may delay the performance of the service provided).
- Right to data portability Upon your request, we may transfer your personal data to you or at your request to another person (e.g. to your treating doctor in the case of a self-payer).
- Right to seek redress If you believe that your personal data is being processed in breach of the law, do not be afraid to lodge a complaint with our customer service department. The remedy will be handled no later than one month after receipt of your request.
- The right not to be subject to automated decisions This right ensures the data subject that he or she will not be subject to a decision based solely on automated processing, including profiling, which is lawful for him or her effects on him or similarly significantly affects him.
Need to know more about how your personal data is handled or need to exercise your rights?
Then you can contact us on our customer service line +420 511 205 344 or via e-mail info@hola-biolabs.com. Alternatively, contact our company's Data Protection Officer by e-mail daniela.cechakova@hola-biolabs.com.