Privacy Policy

At our clinic, headquartered in Anixi, Attica, 80 Marathonos Ave., Tel: 210-8004544, Email: [email protected], Website: www.uniqskin.gr (hereinafter referred to as “the Clinic”), we process personal data of our clients for the purposes of conducting our business activities in compliance with the obligations set forth by the applicable legal framework. At our Clinic, we take appropriate measures to protect the personal data we process and ensure that the processing is always carried out in accordance with applicable national legislation and the European Regulation (EU) 2016/679 (GDPR).

This document contains the personal data protection policy of our Clinic and applies both to physical premises and to digital environments and applications owned by the Clinic and related to its activities.

Personal Data We Collect

Our Clinic collects and processes your personal data only when absolutely necessary to achieve its intended purposes. Specifically, the personal data we collect and process include, but are not limited to, the following:

  • Patient identity information (full name, father’s name, mother’s name, date of birth/age, gender, ID card number, passport number, tax identification number (TIN), profession, etc.), as well as third-party information such as relatives (e.g., name, surname, father’s name, ID card number, etc.).
  • Contact details (postal address, landline and mobile phone, email) for communication purposes, sending test results, or sending newsletters about services, news, and offers.
  • Insurance details (social security number, health book number/registration number, insured person’s code, insurance fund or company, insurance relationship, group or individual policy number, coverage code, policy start/renewal date, insurance coverage expiration date, policy status, covered members, etc.).
  • Health data, particularly related to the medical services provided by the Clinic (clinical symptoms, personal and/or family medical history, medications and treatments, medical diagnoses and reports, disabilities, surgeries, any health data not provided by the Clinic but disclosed by you or an accompanying person necessary for health assessment and service provision, biological samples and genetic data for laboratory testing, photographs for health monitoring with your consent, etc.).
  • Payment details (bank card information, etc.).
  • Website browsing data (such as the Internet Protocol (IP) address of your device, the browser type used, etc.). For more details on cookie usage, please refer to our Cookies Policy.
  • Image and video data from Closed Circuit Television (CCTV) and security cameras to ensure the safety of individuals, property, and facilities, in compliance with applicable laws.
  • Candidate employee data included in submitted resumes or related forms (e.g., name, surname, contact details, education, work experience, etc.).
  • Employee data (such as name, surname, father’s name, mother’s name, gender, date of birth, home address, phone number (landline/mobile), email (corporate/personal), nationality, marital status, number of children, birth/marital certificates, ID details, TIN, tax office, IBAN, educational qualifications, professional certifications, military service certificates, training, work experience, hiring date, payroll details, benefits, evaluation reports, etc.).
  • Supplier and partner data.

Purposes of Personal Data Processing

The personal data collected by the Clinic are used for the following processing purposes:

  • Providing healthcare services (scheduling medical appointments, delivering medical services, medical diagnosis, sending/delivering medical test results, using the e-prescription system, etc.).
  • Telephone communication for scheduling follow-up visits.
  • Statistical analysis of website traffic and usage.
  • Safeguarding and protecting the legitimate interests of the Clinic and individuals (e.g., patients, visitors).
  • Sending newsletters about new services and offers (with prior explicit consent).
  • Recruiting employees or contracting with external partners and suppliers.
  • Ensuring the Clinic’s compliance with legal obligations (e.g., compliance with the Medical Ethics Code (Law 3418/2005), tax and insurance regulations, etc.).

Transfer of Personal Data

Our Clinic may transfer personal data to third parties who process them on our behalf. In such cases, we remain responsible for the processing of your personal data and sign special agreements with the third parties to ensure compliance with applicable legal frameworks.

Retention Period of Data

Your personal data is retained for as long as required by the purpose of processing and/or applicable legal frameworks.

According to Article 14 of Law 3418/2005 (Medical Ethics Code), maintaining medical records is mandatory, including:

  • Full name, father’s name, gender, age, profession, patient address, visit dates, health complaints, reason for visit, primary and secondary diagnosis, prescribed treatment, clinical and laboratory test results.

This record is retained for 10 years after your last visit.

Job applications and attached resumes are kept for two (2) years and then securely destroyed or deleted.

Personal Data Security

The Clinic takes necessary technical and organizational measures to protect your personal data. This includes installing a video surveillance system (CCTV) and an alarm system. Additionally, the Clinic implements digital security measures (antivirus software, firewalls, etc.).

Access to Personal Data and Rights

When you submit a request to exercise any of the above rights, our clinic must respond within one month, either by fulfilling the request (e.g., providing you with a copy of your medical records) or by justifiably rejecting it (e.g., denying a deletion request due to legal obligations requiring retention for 10 years) or by explaining any delay. This deadline may be extended by two (2) additional months if necessary, considering the complexity and number of requests. In such cases, the Clinic will inform you of the extension within one (1) month of receiving your request, including the reasons for the delay. If the request is submitted electronically, the response will be provided in the same manner unless otherwise requested. If your request is manifestly unfounded or excessive, the Clinic may require a reasonable fee or refuse to respond.

Data Controller – Data Protection Officer (DPO)

For any issues related to the processing of personal data, please contact the Data Protection Officer (DPO) directly at email: [email protected], phone: 210-8004544.

For more information, please contact us

Leof. Marathonos 80, Anoixi 14569

+30 210 8004544
+30 6943009046
[email protected]
Book an appointment