Privacy Policy
As of May 25, 2018, the General Data Protection Regulation (GDPR) applies across the entire EU, ensuring uniform privacy legislation for all member states.
Purpose of Data Processing
As an osteopathy practice, we are legally required to collect and store personal data, including information about a client’s physical complaints. This data is securely stored in our protected software system, Crossuite.
At Osteopathie Peeters, we place great importance on safeguarding the privacy of our website users.
To protect your data as effectively as possible, we adhere to the following core principles:
– Transparency: We aim to inform you clearly about how and why we process personal data. This is detailed in our privacy policy.
– Data Minimization: We strictly limit the collection of personal data to what is necessary for the proper functioning of the website and the services you use.
– No Marketing Based on Personal Data: We do not share personal data for marketing purposes and only send commercial mailings with your explicit consent.
– Data Confidentiality: Your personal data is not shared with third parties unless required to deliver a requested service or comply with legal obligations.
– Security Measures: We implement appropriate security measures to protect your personal data and require third parties processing data on our behalf to adhere to strict privacy and security standards.
– Respect for Your Rights: Under applicable laws, you have various rights regarding your personal data. This privacy policy explains how we uphold and protect these rights.
How Do We Use Your Personal Data?
Depending on the services offered via our website, the personal data you provide may be used for the following purposes:
– Appointment Scheduling and Registration: If you register via our website or book an appointment, we use the provided information solely to manage your registration and schedule your appointment.
– Medical Records: If you provide medical information, it may be included in your medical record, but only if legally permitted or with your explicit consent.
– Contact Form: If you reach out via the contact form, you will be asked to provide your name and contact details along with a description of your inquiry. This data is used exclusively to process your request and improve our services.
We do not use your personal data for any other purposes without your prior consent, unless required by law.
Legal Basis for Data Processing
We process your personal data based on the following legal grounds:
– Contractual Necessity:To fulfill agreements related to our services, such as handling your registration or appointment.
– Explicit Consent: To process medical data or grant access to specific services, only after obtaining your explicit consent.
– Legal Compliance: To process and maintain medical records where required by law.
What Personal Data Do We Collect?
When you use our website, you may provide certain personal data. We only collect and process data that is either directly provided by you or clearly intended to be shared with us for processing. Depending on the services you use, we may collect the following information via the website:
– Contact details (email address, phone number)
– Name, address, and place of residence
– Gender and date of birth
– Health-related information
Sharing of Personal Data with Third Parties
Your personal data will not be shared with third parties unless they are directly involved in fulfilling an agreement between you and us or if we are legally required to do so.
– Crossuite: We process personal and medical data using Crossuite, a specialized healthcare platform designed for secure data processing. This platform meets the highest standards for information security in healthcare (ISO 27001 and NEN 7510 certification).
– Website Security: Our website (osteopathiepeeters.nl) uses HTTPS encryption. HTTPS is a secure protocol that encrypts internet traffic using TLS, ensuring that all communication between our website and visitors is fully encrypted. This applies to our contact form as well.
– Zorgmail: We use Zorgmail to send encrypted reports to general practitioners regarding patient intake, progress, and final assessments. We only share information via Zorgmail if we have obtained prior consent from the client.
– External Organizations: If law firms or personal injury companies request information, we will only share personal data with them if the client has provided explicit written consent.
Data Security Measures
We take the protection of your personal data seriously and implement appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure, and unauthorized modifications. If you believe your data is not adequately secured or suspect misuse, please contact us.
How Long Do We Retain Your Data?
Your personal data will never be stored longer than necessary to fulfill the purposes outlined in this privacy policy or on our website. However, in cases where legal obligations require us to retain data, we will comply accordingly.
Personal and medical records are stored for a minimum of 15 years, in accordance with legal requirements.
Third-Party Websites
This privacy policy does not apply to third-party websites linked to ours. We cannot guarantee that these third parties handle personal data in a secure and responsible manner. We strongly advise reviewing the privacy policies of external websites before using them.
International Data Transfers
We do not share personal data with organizations outside the EU or with international organizations. Additionally, we never share personal data with external parties without the explicit consent of the individual concerned.
Your Rights: Access, Modification, and Deletion of Data
You have the right to:
– Access, correct, or delete your personal data
– Withdraw consent for data processing at any time
– Object to the processing of your personal data
– Request data portability, meaning you can request that the personal data we hold about you be transferred to you or another organization in a digital format
To make a request, please send a written request to our contact details below. We will respond as soon as possible. You may be asked to provide identification to ensure that we do not alter or delete information for the wrong person.
Filing a Complaint
If you wish to file a complaint regarding the privacy and/or security of your data within Osteopathie Peeters, you can submit your complaint by post to:
Osteopathie Peeters
M.J.G. Peeters
Leidseweg 155
2253 AB Voorschoten
Additionally, you can contact the complaints and dispute resolution committee of our professional organization, NRO. For more information, please visit: www.osteopathie-nro.nl.
Mandatory Provision of Personal Data
To receive treatment, you are required to provide certain personal data. If you choose not to provide this information, we will be unable to proceed with your treatment.
By scheduling an appointment, you consent to the processing and storage of your personal and medical data in accordance with GDPR regulations.
Data from Other Organizations
We may receive information from general practitioners or medical specialists. This data is securely stored in Crossuite, our encrypted healthcare platform.
If data is received from other organizations, we verify the information with the relevant client and determine how to proceed in consultation with them.
Use of Analytical Cookies
Google Analytics
If Google Analytics is activated on our website, cookies may be placed by Google LLC, an American company, as part of their analytics service.
We use Google Analytics to monitor website traffic and analyze visitor interactions. The collected data is stored on Google’s servers in the United States.
Google adheres to the Privacy Shield framework established by the U.S. Department of Commerce, ensuring an adequate level of data protection.
Changes to This Privacy and Cookie Policy
We reserve the right to modify this privacy and cookie policy. We recommend reviewing this page regularly to stay informed about any updates.
Data Protection Authority
Osteopathie Peeters would like to inform you that you have the right to file a complaint with the data protection authority in your country of residence.
In the Netherlands, this authority is the Autoriteit Persoonsgegevens.
Questions and Feedback
We regularly review our privacy policy to ensure compliance. If you have any questions regarding this policy, please feel free to contact us using the details below:
Contact Information
Osteopathie Peeters
M.J.G. Peeters
Leidseweg 155
2253 AB Voorschoten
Email: info@osteopathiepeeters.nl
Phone: 071-5619349
Chamber of Commerce (KvK) number: 62695851
