This privacy statement was last modified on May 16, 2018.
This privacy statement describes how eMedvertise N.V., trading under the name Dokteronline.com, a limited liability company based in Willemstad, Curaçao (Kingdom of the Netherlands) at Mahaaiweg 6, collects and processes your (special) personal data.
Privacy-sensitive data, or personal data, are processed via Dokteronline.com. Dokteronline.com considers the careful handling of personal data to be of great importance. Personal data is, therefore, carefully processed and secured by us.
Despite the fact that eMedvertise N.V. is located outside the European Union, we adhere to the (applicable) European privacy legislation when processing personal data. This means, among other things, that:
- we restrict the collection of personal data to only the personal data necessary for legitimate purposes;
- we first ask you for explicit permission to process your personal data in cases where your consent is required;
- we take appropriate security measures to protect your personal data and also requirements of parties that process personal data at our request;
- we respect your right to provide your personal data for inspection, correct or delete.
Dokteronline.com is (partly) responsible for the data. In this privacy statement, we explain which personal data we collect and use and for what purpose. We advise you to read it carefully.
Personal data that we process
We may collect information when you register for our newsletter, create an account, place an order, contact our customer service or participate in other (interactive) functions on our website. This collected data may be personal data. We keep and use the personal data provided by you directly, as part of the service requested, or which is clearly stating that it has been given to us to process.
We use the following data for the purposes mentioned in this privacy statement:
- NAW data
- Phone number
- Invoice and/or delivery address
- Email address
- Payment details (bank account number)
- Date of birth
- Technical data such as an IP address
- Medical data
Purposes and bases of data processing
We collect and process your personal data for the following purposes:
- Granting access to your personal account on the website (www.dokteronline.com);
- Creating an account, providing services and communicating with you;
- Informing you (digitally) if required about eHealth issues and related topics;
- Organising, handling and checking the order that you have provided to us;
- Enabling independent doctors to whom Dokteronline has access to provide you with an e-consultation on request;
- Enabling the independent pharmacies to which Dokteronline has access to sell and deliver certain products on request;
- to carry out an identity check if you want to obtain certain medicines via the independent pharmacy;
- Carrying out analyses and research to improve our services and website;
- Determining your (browsing, searching and/or buying) behaviour when visiting or using our website in order to provide you with targeted information ('profiling').
The doctors and pharmacies to whom we have access perform their work independently of Dokteronline.com and without Dokteronline.com being in any way responsible for the nature and/or quality of the services and/or products delivered. For the purpose of requested e-consultations and/or products, Dokteronline.com collects your (medical) personal data for the doctors and/or pharmacies. This data is located on a secure platform from Dokteronline.com. Employees of Dokteronline.com do not have access to this medical information. The personal data in question is only accessible to the treating physician and/or pharmacist. We have made agreements with these doctors and pharmacies to guarantee your privacy rights.
Contact customer services and newsletter
We offer via our website the possibility to ask questions (by telephone or another medium) via our customer services, asking you to provide various information to deal with your question. You choose which information you provide. The data that you send us will be kept for as long as the nature is required for the complete answering and processing thereof.
We offer a newsletter with which we want to inform interested parties about eHealth in the broad sense and/or our services. Each newsletter contains a link with which you can unsubscribe. You can indicate by means of an explicit opt-in that you wish to receive the newsletter.
By using our services, your e-mail address is automatically added to a contact list so that we can send a service message by email in the event of adjustments, incidents or developments at our website or our services.
We do not publish your customer data.
Transfer to countries outside the EU
Dokteronline.com has a worldwide technical infrastructure. Therefore, your personal data may be transferred to the United States or other countries outside of Europe, where the privacy protection regulations may not offer the same protection as in the European Union. You hereby agree, insofar as necessary, that your personal data may be transferred to the United States or other countries outside of Europe. Dokteronline.com will, however, take appropriate measures in such cases that are reasonably necessary to ensure that your data is protected as well as possible.
Provision to third parties
We provide your personal data to third parties ("processors") and affiliated companies to Dokteronline.com to organise, direct and monitor rights and obligations, including services and payments arising from the agreement concluded with you. We have concluded agreements with the aforementioned third parties, in which we ensure that the further processing of personal data by these third parties also complies with the applicable privacy legislation. In addition, Dokteronline.com provides your personal data to other third parties; often for marketing purposes. We only do this with your explicit consent.
We take security measures to limit abuse of and unauthorised access to personal data. In particular, we take the following measures:
- access to personal data is protected with a username and password;
- the data is stored after receipt in a separate, protected system;
- we take physical measures for access protection of the systems in which personal data are stored;
- our (technical) equipment and infrastructure suppliers comply with applicable ISO standards, such as ISO-27002;
- We use secure connections (Secure Sockets Layer or SSL) which protects all information between you and our website when you enter personal data.
Retention periods and account deletion
The personal data described above are retained as long as your account has an active status. Your account - including the associated personal data - will be deleted by Dokteronline.com if you have not logged in for 4 year here, or after 4 year after your last order via Dokteronline.com. Your personal data will, however, be kept longer if there is a legal obligation to do so (such as the fiscal retention of seven years for payment data and 15 years for medical data).
Access, correction and deletion of your data
If you wish, Dokteronline.com can provide you with an overview of your personal details that are known to us. Most of this data can be viewed through your My Dokteronline account. If this information proves to be incorrect or if it is stored in conflict with the applicable laws and regulations, we will correct this information.
You can also appeal to the right to forget. In such a case, your account and all associated personal data - to the extent permitted by law - will be permanently deleted or anonymised.
If you do not agree with a certain processing of your data - including, for example, the automated processing of your personal data ('profiling') for direct marketing purposes - you can object to this at any time.
You are entitled to data portability. This means that you have the right to receive the personal data you have provided to us in a usable form. Dokteronline.com will send your data in XML format.
Withdrawing previously given permission
If you have given us permission for the processing of your personal data, you can withdraw this consent at any time.
You can exercise the above rights and any other rights that you have under the applicable privacy laws by sending a request to firstname.lastname@example.org. We will respond to your request as soon as possible, but in any case within 4 weeks or respond to otherwise.
You can also withdraw or object to your permission to send marketing messages at any time; follow the instructions in the relevant marketing message or send an e-mail to email@example.com.
Third party websites
This privacy statement does not apply to websites of third parties that are connected to our website by means of links. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We encourage you to read the privacy statement of these websites before using these websites.
We use Google Analytics to keep track of how visitors use our website. We have concluded an agreement with Google to make agreements about the handling of our data. Furthermore, we have not allowed Google to use the obtained Analytics information for other Google services. Finally, we will anonymize the IP addresses.
Changes to this Privacy Statement
We reserve the right to make changes to this privacy statement. It is advisable to consult this privacy statement regularly so that you are aware of these changes.
Leading supervisor: Authority for Personal Data
We are. of course, happy to help you if you have complaints about the processing of your personal data. Under the privacy legislation, you also have the right to file a complaint with the national privacy regulator against this processing of personal data. Because Dokteronline.com carries out cross-border data processing, we have designated the Dutch privacy regulator as the leading supervisor. This is the Authority for Personal Data.
Data Protection Officer
We have appointed a Data Protection Officer to ensure that we continuously process your personal data in an open, accurate and legal manner. If you have any questions about the processing of your personal data, please contact our Data Protection Officer at firstname.lastname@example.org. You can also contact our Data Protection Officer if you have questions, comments or complaints about this privacy statement.