With this Policy, our Company under the name " Euromedica General Clinic of Dodekanese Single Member SA " , which is based in Rhodes Dodecanese ( KOSKINOU, RHODES, PO BOX 85100), with VAT number EL099658646, Tax Authority of Rhodes, with General Commercial Registry Number 072215820000 (hereinafter "Company") provides users and visitors of its website (hereinafter "users"), to which this website https://dialysis-rhodes.com/ belongs, aims, as a Data Controller within the meaning of the applicable legislation, to provide the users/visitors of this website with more specific information regarding the processing of their personal data while browsing and using it.

  1. Introduction

With respect to your privacy and the management, protection and security of your personal data, our Company has established and implements this Personal Data Protection Policy (hereinafter "Privacy Policy"). Through the Privacy Policy, we provide you with the necessary information regarding the processing of the personal data you provide us, in the context of the relationship between us. The processing and protection of your personal data is always governed by the provisions of the General Data Protection Regulation (EU) 2016/679 - GDPR (hereinafter "GDPR"), the currently applicable Greek legislation on the protection of personal data (law. 4624/2019, Law 2472/1997, Law 3471/2006, as applicable, etc.), as well as from the relevant decisions, directives and regulatory acts of the Personal Data Protection Authority (hereinafter "PDPA").

  1. Basic concepts

The processing and protection of your personal data is governed by the provisions of the General Data Protection Regulation (EU) 2016/679 - GDPR (hereinafter "GDPR"), the applicable national legislation on the protection of personal data, as well as by the relevant decisions and instructions of the individual competent national supervisory authorities, in addition to this Policy.

For a better understanding of this Policy, the definitions of the following key concepts are listed:

"Subject" of personal data The website user, visitor, and any natural person in general interacting with the website.

"Personal data": Any information that can directly or indirectly identify a natural person (the "Subject"), such as his name, postal address, contact details (telephone, mobile), his electronic address (e- mail), etc.

"Processing": Any operation or series of operations performed with or without the use of automated means on personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or alteration , retrieval, retrieval of information, use, disclosure by transmission, dissemination or any other form of disposal, association or combination, restriction, deletion or destruction of personal data that has come or will come to our knowledge us, through the website.

"Processor": the Company with the name " Euromedica General Clinic of Dodekanese Single Member SA ", which is based in Rhodes Dodecanese ( KOSKINOU, RHODES, P.O. 85100), with VAT number EL099658646, Tax Authority of Rhodes, with General Commercial Registry Number 072215820000

"Processor": The natural or legal person, public authority, agency or other entity/company that processes personal data on behalf of the Controller.

"Recipient": The natural or legal person, public authority, agency or other entity/company, where the personal data is also disclosed, whether it is a third party or not.

  1. What data is collected about you, for what purpose and with what legal basis

Through this website, your necessary personal data is collected and subject to processing as the case may be, in the context of the best possible support or information, ensuring our legal obligations or based on your specific consent. Specifically, we process the following data in the following cases:

Activity Data Purpose Legal basis
Login to the website IP address, date and time of access (timestamp-timezone), access provider, browser and its version, operating system and its version, user/device ID Providing personalized services to you, proper connection establishment, security and system stability α) έννομη υποχρέωσηβ) έννομο συμφέρον, στο πλαίσιο ασφαλούς διάθεσης της ιστοσελίδας στο ευρύ κοινό και παροχής υπηρεσιών προς αυτό
Contact Form First name, last name, email, telephone, country, date of arrival, date of departure, comments - message, date - time - version of acceptance of Privacy Policy Asking a question, reporting an issue, expressing interest in communication and further information/support α) η  μεταξύ μας συνεργασία και σχέση, κατ’ αίτημά σαςβ) το έννομο συμφέρον για άμεση εξυπηρέτηση και επικοινωνία με ενδιαφερόμενους
Book First name, last name, email, telephone, country, date of arrival, date of departure, comments - message, date - time - version of acceptance of Privacy Policy Booking - creating an appointment, further communication and information/support α) η  μεταξύ μας συνεργασία και σχέση, κατ’ αίτημά σαςβ) το έννομο συμφέρον για άμεση εξυπηρέτηση και επικοινωνία με ενδιαφερόμενους
Cookies(βλ. Πολιτική Cookies)
  1. Special category data

With regard to sensitive personal data (special category data), such as indicative data relating to your racial or ethnic origin, health data or data relating to your sex life or sexual orientation, in cases where you provide us with such data, depending with the subject of our communication and your specific issue (especially in the context of describing your case), these will be processed by us following your express consent and as an integral part of your respective request.

  1. Data relating to minors

In principle, this website is not addressed to natural persons, who have not completed the eighteenth (18th) year of their age. Therefore, we do not process personal data from minors. However, we point out that, when the processing of personal data is based on consent in accordance with art. 6 par. 1 f. a) GDPR, in relation to the offer of information society services directly to a child, the consent provided by the minor and consequently the processing will only be lawful if the minor who consents is at least 15 years old, otherwise if provided or approved by his legal representative.

  1. Recipients of your data

The personal data we collect in the context of the contact between us through the website is only processed by:

  • The authorized personnel of the Company, who are bound by conditions of confidentiality and observe appropriate security measures,
  • Partners to whom we entrust the execution of specific tasks on our behalf either in accordance with art. 28 GDPR as Processors, either as joint or independent Processors, and with whom in any case we ensure GDPR-compliant processing of your data, by signing contractual terms and committing to observe security measures.
  • Public bodies and authorities, police and other competent authorities, prosecutors, other administrative services, etc., when we are obliged to do so by the applicable legal framework, in particular Prosecution of Electronic Crime in cases deemed necessary based on the reported

In principle, we do not transfer your data to third (outside the EU or EEA) countries or international organizations that do not ensure an adequate level of protection. In any case, any possible transmission by us or our Executors will be in accordance with the relevant provisions of the applicable legislative framework and the required guarantees, in particular the art. 44 ff. GDPR.

  1. Period of keeping personal data

We retain your personal data for as long as required by the nature and purpose of each processing or for as long as defined by the applicable legislative and regulatory framework, taking into account our legal obligations as well as any legal claims, in order to justify the retention time accordingly personal data. After the period of time necessary for each case, the data that is no longer necessary is deleted in a safe and non-recoverable way.

  1. Your rights regarding the processing of your data

Each visitor - user of the website, as a data subject, retains control over his data and may at any time exercise his rights, as provided for in the GDPR and in particular articles 12 to 23 thereof, and the respective national legislation, under the specific conditions for each case, and in particular:

–          Right to be informed and to provide information on the processing of data, before and during processing (art. 12, 13, 14 GDPR)
–          Right of access to the personal data concerning you and as long as we process it, as a Data Controller (art. 15 GDPR)
–          Right to correct data (Art. 16 GDPR).
–          Right to delete your personal data ("right to be forgotten") (Art. 17 GDPR).
–          Right to restrict the processing of your personal data (Art. 18 GDPR).
–          Right to portability (Art. 20 GDPR).
–          Right to object (Art. 21 GDPR) and to object to any automated decision-making, including profiling (Art. 22 GDPR).
–          Right to withdraw your consent already given (art. 7 par. 3 GDPR)
–          Possibility of submitting a complaint to the competent supervisory authority (art. 77 GDPR).

After we receive your written request regarding the exercise of your rights, we will make every effort to take the required actions to satisfy it within (1) month from the date of receipt or, in any case, to inform you about the progress of the request.

  1. Security of your data

Our Company takes care, among other things, of taking the appropriate technical and organizational measures in order to ensure the appropriate level of security when processing your data, in particular against accidental or illegal destruction, loss, alteration, unauthorized disclosure or access to personal data, in accordance with article 32 of the GDPR.

In particular, there is encryption of the user's communication with the web application (TLS 1.3) in all the data exchanged with it. In addition, backups are taken for the data stored by the application, while the infrastructures are installed within EE in a data center with all the necessary physical and electronic security measures, having ISO/IEC 27001:2013 certification.

  1. Useful contact information:

Data Controller:

Euromedica General Clinic of Dodecanese Single Member SA

Rhodes Dodecanese (KOSKINOU, RHODES, P.O. 85100)

VAT number 099658646,

General Commercial Registry Number 072215820000

Τηλ. +30 22410 45000, email: info.rhodes@imitheamg.gr

Details of the Personal Data Protection Authority (PDPA):

1-3 Kifisias Avenue, P.O. 115 23, Athens

Call Center: +30 2106475600

Fax: +30 2106475628

Email: contact@dpa.gr

Details of the Data Protection Officer ( DPO ): (DPO):

1-3 Kifisias Avenue, P.O. 115 23, Athens

Email: dpofficer@imitheamg.gr

Τηλ. : 210-3686700

This Privacy Policy may be modified at any time and its updated version will be posted on the website each time. For this reason, users are invited to regularly refer to this Policy.

Τελευταία ενημέρωση: [Ιούλιος 2025]