Program de formare și perfecționare
pentru asistente medicale de stomatologie

Sunt pregătită să fac
următorul pas în cariera mea!

Information note
on data processing by smilevision.ro

Str. Gheorghe Lazăr nr. 9
Corp H, Etaj 2, Timișoara

Luni - Vineri
9.00 - 20.00

WhatsApp 1

TEHNO DENTA SRL (“Smile Vision”) is fully committed to protecting the confidentiality of the personal data of its our customers, partners and vendors. This privacy policy is intended to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your data. The policy also includes the security measures that Smile Vision takes to protect such data, as well as your rights in connection therewith.

By “smilevision.ro” we mean any web page (website, landing page, subdomain, etc.) owned, managed or existing under the Smile Vision umbrella. By using this website, you consent to the collection, processing and transfer of your data as detailed in this policy.

Please check this section regularly as the policy may be changed or updated. Any significant changes to this policy will be notified.

In addition to this note, please refer to the Cookie Policy and the Terms and Conditions.

The data collected on our platform is subject to the General Data Protection Regulation 2016/679 (Regulation (EU) 2016/679), also known as the GDPR and the EU Privacy and Electronic Communications (e-Privacy Directive) (2002/58/EC).

If you have any further questions regarding the way we use your data, you can use the contact page to leave us a message, or contact us using the information provided below.

Who are we?

We are TEHNO DENTA S.R.L. (“Smile Vision”), the owners of the smilevision.rowebsite. We offer a whole range of dental services: general dentistry, complex oral rehabilitation, implantology, dental aesthetics, orthodontics, micro-endodontics, and paediatric dentistry.

  • general dentistry
  • complex oral rehabilitation
  • implantology
  • dental aesthetics
  • orthodontics
  • microscopically assisted endodontics
  • dentistry for children.

Information about Smile Vision

TEHNO DENTA SRL, with office in Timisoara, str. Gheorghe Lazar, nr. 9, corp H, et. 2, Timis county, is registered with the Trade Register under no. J35/2925/2018, and fiscal code no. 1616107.

Contact details

+40 724 005 832 | office@smilevision.ro | smilevision.ro

What sources do we use to collect data

In general, the personal data collected is provided by you via e-mail, this website - i.e. the contact form -, via social media networks, or during your visits to our clinic.

Occasionally, when we are recruiting, we may collect data about you from specialized online platforms (eJobs, LinkedIn, etc.) or from the resumes you send us.

Furthermore, when you interact with us on social media networks (i.e. via liking, sharing posts, or posting comments, reviews, etc.), we will inevitably have access to information about you, especially to the data you have made public on your social media profile.

How do we use personal data

You can find below the purposes for which we process your personal data, as well as the people who have access to your data, and how we store it.

1. When you contact us via the website or our social media accounts

If you interact with us using the contact details on the contact page or interact with us via any social media networks, we will use your contact details and the data you provide to address your request.

Personal data

Last name, first name, phone number, email address, Internet Protocol (IP), cookie ID, data you have made public on your social media profile, and any other data you voluntarily send us

Legal grounds for processing data

  • We process your data in order to take steps at the request of the data subject prior to entering into a contract (Art. 6/1/b GDPR)
  • In pursuit of our legitimate interest (Art. 6/1/f GDPR) to answer to any questions, complaints or recommendations you send us, and to improve the services and experience we offer to our customers.

Who do we share your data with

  • Contracted IT services providers (hosting, data storage), or providers to whom we outsource certain website-related technical support services, or providers of customer relationship management systems
  • Social media platforms: Facebook, Instagram, LinkedIn, YouTube
  • Marketing company contracted for SEO optimization services
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

We will only disclose your personal data if it is strictly necessary to achieve the intended purpose. We have taken all the necessary actions to ensure that external service providers, who have access to your data, have also implemented physical, electronic and managerial security measures to protect your data.

How long will we store your data

  • We will not keep in our databases any data older than 1 year from the date of the last interaction.
  • The data submitted via social media networks will be stored by such platforms according to their own policies.

Where is the data stored

  • The data submitted via the smilevision.ro website will be stored on the hosting provider's servers, located in the European Union.
  • The data shared via the social media platforms will be stored by those platforms in compliance with their own policies, located either in the European Union or the USA.
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US.

2. Making an appointment via the contact form on the smilevision.ro website or by phone

Website visitors can make an appointment for one of the services offered by our clinic in two ways: by phone (0724 005 832) or via the online form. We need your data or the patient’s data to make the appointment (if you are making an appointment on behalf of the patient, e.g. a minor).

Attention!

An appointment is considered registered in our system only after it has been confirmed by the Smile Vision team.

Personal data

Name, e-mail address, telephone number, online identifiers (e.g. IP)

Sensitive and/or demographic personal data

Any sensitive and/or demographic data provided voluntarily while making an appointment such as: gender, citizenship and/or information about citizenship, communication of patient-related medical or health information (conditions, previous treatments, etc.) and/or racial, ethnic or religious data.

Legal grounds for processing data

  • We process your data in order to take steps at the request of the data subject prior to entering into a contract (Art. 6/1/b GDPR)
  • We process your data for the performance of a contract - the provision of the medical services as established by the specialist doctor (Art. 6/1/b GDPR)
  • We will process the data for a legitimate interest if you are our customer, and if we believe that the information may be of great interest to you. (Art. 6/1/f GDPR)
  • The personal data special categories will be processed for the patient's appointment in order to provide the medical services as established by the specialist doctor (Art. 9/2/h GDPR).

Who do we share your data with

  • Contracted IT services providers (hosting, data storage), or providers to whom we outsource certain website-related technical support services, or providers of customer relationship management systems
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

We will only disclose your personal data if it is strictly necessary to achieve the intended purpose. We have taken all the necessary actions to ensure that external service providers, who have access to your data, have also implemented physical, electronic and managerial security measures to protect your data.

How long will we store your data

  • Appointment-related data will be stored for a period of 12 months
  • The data registered in the patient’s file will be stored for 10 years so as to monitor the condition’s evolution over time
  • The data registered in the financial-accounting documents (e.g. invoices, card payments, cash on delivery, etc.) will be kept in our archives for 5 years, starting from the end of the financial year during which they were drafted, in compliance with the periods indicated in the Accounting Law no. 82/1991 and the Order 2634/2015.

Where is the data stored

  • The data registered in our data management system will be stored on the hosting provider's servers, located in the European Union
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US

Whenever you use any Smile Vision treatments, your personal data, including any medical information, will be registered in the patient’s file.

Since Smile Vision offers the possibility to pay for treatment plans via Star BT cards, this process also concerns the processing of the patients’ personal data by the bank issuing the card. For more information on the data processing by the bank, contact the respective institution.

Personal data

Name, email address, phone number, gender, age.

Sensitive personal data

Any sensitive data relevant to the provision of the medical service as established by the specialist doctor, e.g.: patient-related medical or health information (conditions, previous treatments, etc.), etc.

Legal grounds for processing data

  • We process your data for the performance of a contract - the provision of the medical services as established by the specialist doctor (Art. 6/1/b GDPR)
  • We will process the data for a legitimate interest in order to issue the guarantee certificate, and to allow you to get the privileges we offer to our loyal customers (Art. 6/1/f GDPR)
  • The personal data special categories will be processed for the patient's appointment and to provide the medical services as established by the specialist doctor (Art. 9/2/h GDPR)

Who do we share your data with

  • Contracted IT services providers (hosting, data storage), or providers to whom we outsource certain website-related technical support services, or providers of customer relationship management systems
  • Specialist technicians, specialist doctors
  • Contracted invoicing and accounting service provider
  • The card payment system provider
  • Private health insurance companies
  • Banca Transilvania
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

We will only disclose your personal data if it is strictly necessary to achieve the intended purpose. We have taken all the necessary actions to ensure that external service providers, who have access to your data, have also implemented physical, electronic and managerial security measures to protect your data.

How long will we store your data

  • The data registered in the patient’s file will be stored for 10 years so as to monitor the condition’s evolution over time
  • The data registered in the financial-accounting documents (e.g. invoices, card payments, cash on delivery, etc.) will be kept in our archives for 5 years, starting from the end of the financial year during which they were drafted, in compliance with the periods indicated in the Accounting Law no. 82/1991 and the Order 2634/2015.

Where is the data stored

  • The data registered in our data management system will be stored on the hosting provider's servers, located in the European Union
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US.

3. Commercial and marketing communications

We may send you information about our products and services offered, if you have requested such information (via email or contact form), or if you already are one of our customers, and such information may be of particular interest to you.

Personal data

Last name, first name, phone number, email address

Legal grounds for processing data

  • We process your data in order to take steps at the request of the data subject prior to entering into a contract (Art. 6/1/b GDPR)
  • For marketing communications, we process the data as per your consent (Art. 6/1/a GDPR)
  • We will process the data for a legitimate interest if you are our customer, and if we believe that the information may be of great interest to you. (Art. 6/1/f GDPR)

Who do we share your data with

  • Contracted IT services providers (hosting, data storage), or providers to whom we outsource certain website-related technical support services, or providers of customer relationship management systems
  • Marketing company contracted for SEO optimization services
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

We will only disclose your personal data if it is strictly necessary to achieve the intended purpose. We have taken all the necessary actions to ensure that external service providers, who have access to your data, have also implemented physical, electronic and managerial security measures to protect your data.

How long will we store your data

  • We will not keep data older than 1 year from the last interaction.
  • For the data processed for a legitimate interest, if you already are one of our customers, we will continue to process your data for 3 years from the last time you received our services.

Where is the data stored

  • The data registered in our data management system will be stored on the hosting provider's servers, located in the European Union
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US.

4. We process your data whenever you react to content posted on social media networks, or when you share information from our site

You can find us on Facebook, Instagram, LinkedIn and YouTube. Whenever you interact with us via our social media accounts (e.g., comments, likes, reviews, shares, etc.) we will have access to your publicly available data on your profile.

Personal data

Your name, photo, any publicly accessible information on your social media profile, or submitted voluntarily by you.

Legal grounds for processing data

  • We process your personal data to address your request before concluding a contract (Art. 6/1/b of Regulation (EU) 2016/679)
  • For our legitimate interest (Art. 6/1/f of Regulation (EU) 2016/679) in order to answer any questions, suggestions or complaints you may send us, and to improve our services and the experience we offer to our customers. In addition to our legitimate interest, the processing is performed to keep you up to date with any news that may be of interest to you.

Who do we share your data with

  • Contracted IT services providers to whom we outsource certain website-related technical support services, or providers of customer relationship management systems
  • Social media platforms: Facebook, Instagram, LinkedIn and YouTube
  • Marketing company contracted for SEO optimization services;
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

We will only disclose your personal data if it is strictly necessary to achieve the intended purpose. We have taken all the necessary actions to ensure that external service providers, who have access to your data, have also implemented physical, electronic and managerial security measures to protect your data.

How long will we store your data

  • We will not keep in our databases any data older than 1 year from the date of the last interaction
  • The data shared via the social media platforms will be stored by those platforms in compliance with their own policies.

Where is the data stored

  • The data registered in our data management system will be stored on the hosting provider's servers, located in the European Union
  • The data shared via the social media platforms will be stored by those platforms in compliance with their own policies, located either in the European Union or the USA
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US

5. Facilitate an easy and pleasant site navigation

When you visit our site, we collect data about you via online identifiers (cookies and IP). The website automatically collects certain information and stores it in the log files.

We use this information to design our website so that we can better adapt to the needs of our users. We may also use your IP address to help diagnose any server malfunctions and to manage our site, analyse trends, track visitor movements, and collect general demographic information to identify visitor preferences.

For more information about cookies, as well as how to delete cookies and deactivate tracking, you can read our Cookie Policy.

Personal data

Internet Protocol (IP), general computer location, device (country level), website browsing history, timestamps, requests/actions

Legal grounds for processing data

We use cookies that make your website browsing easy and pleasant, for our legitimate interest (Art. 6/1/f GDPR)

Non-essential cookies are not used without your consent. (Art. 6/1 GDPR)

Who do we share your data with

  • Contracted IT services providers (hosting, data storage), or providers to whom we outsource certain website-related technical support services, or providers of customer relationship management system
  • Google
  • Marketing company contracted for SEO optimization services
  • Contracted web infrastructure and website security company
  • Regulators and other state authorities, if required by legal or statutory requirements.

How long will we store your data

See the Cookie Policy

Where is the data stored

  • Data is stored on servers located in the European Union (e.g. Google servers - in Ireland for third-party cookies)
  • The data we download locally will be stored on our secure, local and cloud servers located in the European Union or the US.

Does smilevision.ro safely collect and process the data?

We have implemented physical, electronic and managerial security measures in order to protect and secure the collected and processed data. However, keep in mind that no data transmission is guaranteed to be 100% secure.

If you suspect a data breach, please contact us immediately at: .

Important: After the data retention period ends, your data will be deleted. If we think that such data may help us improve the quality of our products or services, we will continue to use it only after its irreversible anonymization.

THE PROCESSING OF THE MINORS’ DATA

smilevision.ro is not intended for and does not knowingly collect information via the website from children under 18. Access to and use of the website by minors is considered to be done with the legal consent of the legal guardian. Furthermore, if we discover that a minor has used our site without the approval of the legal guardian, we will delete all personal data related to that minor.

INTERNATIONAL TRANSFERS OF PERSONAL DATA

Smile Vision shares personal data with its partners operating outside the European Economic Area ("EEA").

List of international partners with whom we share data:

  • Cloud provider: Apple
  • Third parties who place cookies: Google
  • Online platforms: Facebook, Instagram, LinkedIn, YouTube.

Personal data may be stored and processed in any country where we contracted service providers. We may transfer the personal data we store about you to recipients in countries other than the country where the personal data was originally collected, including the United States. These countries may have data protection rules different from those in your country. However, we will take action to ensure that any such transfers comply with the applicable data protection laws, and that your personal data is still protected, in compliance with the standards detailed in this privacy policy. In certain cases, the courts, law enforcement agencies, regulatory agencies or security authorities from those other countries may have the right to access your personal data.

Where the applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, we will use one or more of the following mechanisms:

  • EU standard contractual terms with a data recipient outside the EEA or the United Kingdom
  • Checking if the recipient has implemented mandatory corporate rules
  • We will also ensure that all our international partners have implemented further measures to provide adequate and effective guarantees, enforceable rights and legal remedies. The purpose of these measures is to provide additional guarantees to data subjects that the data transfer performed under the standard contractual terms or mandatory corporate rules ensures a level of protection equivalent to that guaranteed in the European Union.

THE RIGHTS OF DATA SUBJECTS

As a data subject, you have specific legal rights regarding your personal data collected and processed by us. Smilevision.ro respects your rights and takes into account your interests.

Withdrawal of consent

If the processing is carried out as per your consent, you may withdraw your consent to such processing at any time.

Data rectification

If you notice that your personal data stored by us is incorrect, you can ask us at any time to rectify such personal data. We make every reasonable effort to keep the personal data - which are used continuously and in our possession or under our control - accurate, complete, up to date and relevant, based on the latest information available to us.

Processing restriction

If you are in one of the following situations, you can ask us to restrict the processing of your data:

  • you dispute the accuracy of your personal data for the period during which we have to verify the data’s correctness,
  • the processing is illegal, and you request the restriction of the processing rather than the deletion of your personal data,
  • we no longer need your personal data, but you request it in order to confirm, exercise or defend a right, or
  • you object to the processing while we check that our legitimate interests take precedence over your rights.

Access to your data

You can ask us for information about your personal data stored, including information regarding the data categories, what your data is used for, the source we collected it from, if the data we have is not collected directly from you, as well as to whom the data was disclosed to, if applicable. You can obtain a copy of your data from us, free of charge. We reserve the right to charge a reasonable fee for any abusive requests.

Right to portability

Upon request, and where technically possible, we will transfer your personal data to another controller, provided that the processing is necessary for the performance of a contract. Rather than receiving a copy of your personal data, you may request the transfer your data directly to another controller as indicated by you.

Right to erasure

You can request the erasure of your personal data if:

  • we no longer need your data for the purposes for which it was processed;
  • you object to the further processing of your personal data (see the Right to object below);
  • your personal data has been processed illegally;
  • you withdraw your consent based on which your data is being processed.

Unless processing is necessary:

  • to fulfil a legal obligation that requires the processing of such data;
  • in particular, to comply with the legal requirements regarding the data retention periods;
  • for the confirmation, exercise or defence of a right in court.

Right to object

You can object to the processing of your personal data at any time due to your special situation. In this case, we will no longer process your personal data, if we are unable to demonstrate justified, legitimate reasons and a major interest in the processing or confirming, exercising or defending a right. When you object to the data processing, please indicate whether you wish to delete your data or restrict the processing of such data.

Right to lodge a complaint

In the event of an alleged breach of the current privacy legislation, you can lodge a complaint with your data protection authority: The National Authority for the Supervision of Personal Data Processing, by filling in the online form available at: ANSPDCP complaints.

Important!

Period of time: We will try to solve your request within 30 days. However, the period may be extended for reasons related to the specific legal right, or to the complexity of the request.

Restriction of access: In certain cases, we may not be able to grant you access to all or part of your personal data due to the restrictions under the law. If we decline your access request, we will notify you of the reason for such a denial.

Failure to identify: In certain cases, we may not be able to identify your personal data due to a lack of identification elements in your submitted request. In such cases, if you fail to provide additional information to identify yourself, we will not be able to comply with your request in order for you to exercise your legal rights as detailed in this section.

Exercising your legal rights

To exercise your legal rights, please contact our Data Protection Officer in writing or via text at the email address .

This version was last updated on November 29, 2021.