Vagodent OÜ is required to protect the privacy of the clinic’s patients and to ensure a secure and lawful processing of data. The principles of processing personal data applicable at Vagodent OÜ are applied if a patent has expressed the intention to use or has already used the healthcare services provided by Vagodent OÜ. All the principles applied comply with the legislation in force in the Republic of Estonia and in the European Union.
I Definitions
1. A patient – a natural person who has used or expressed an intention to use the healthcare services provided by Vagodent OÜ.
2. Personal data – any information relating to an identified or identifiable natural person.
3. Processing of personal data – any operation performed on personal data or on sets of personal data (incl. collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction).
4. Health-related data – the personal data which are related to a natural person’s physical or mental health, such as the data about provision of healthcare services to the person which include information about their health condition.
5. Vagodent OÜ (Vagodent) – Sütiste tee 17, Tallinn.
II General provisions
2.1 Vagodent applies legal, physical, information technology, and organisational measures to ensure the secure processing of personal data.
2.2 Vagodent may use data processors. The data processors will apply the same principles to processing personal data that are applied by Vagodent.
III Categories of personal data
We collect the following personal data from the patient and from registers:
1. Personal data which enable identification of the patient – the patient’s name, personal identification code.
2. The patient’s contact details – mobile phone, phone number at home, home address, e-mail address.
3. The patient’s health insurance data – validity of the health insurance in the Health Insurance Fund.
4. The patient’s health-related data – personal data which are related to a natural person’s physical or mental health, such as the data about the provision of healthcare services to the person which include information about their health condition. The patient’s health-related data may be obtained from the patient (or the patient’s representative) or from e-Health Records.
5. The patient’s financial data – regular income and monthly obligations (e.g. monthly loan and lease repayments; used credit card or overdraft limits).
6. The patient’s area of activity, occupation – the patient’s area of activity (e.g. entrepreneur, specialist/official, service provider) and occupation (e.g. name of the company and position).
IV The purposes of and grounds for processing personal data
Personal data are processed at Vagodent for the following purposes and on the following grounds:
4.1 For the provision of dental care services – to prevent or treat oral cavity and dental diseases.
4.2 To provide the option to pay in instalments, if desired by the patient. The patient is only required to disclose their financial data (incl. area of activity and occupation) of they wish to pay in instalments. The obligation to process personal data arises from the Creditors and Credit Intermediaries Act.
4.3 For the purpose of conducting patient satisfaction surveys with the patient’s prior consent.
V Transferring personal data
Vagodent has the right or is under the obligation to transfer the personal data which enable identification of the patient and the patient’s contact details:
5.1 To the companies in cooperation with whom Vagodent offers the option of payment in instalments. The obligation to transfer arises from the Creditors and Credit Intermediaries Act and from contracts.
5.2 To the companies providing credit management services. The data is only transferred if the patient has overdue financial obligations to Vagodent. The right to transfer the data arises from the Law of Obligations Act.
5.3 To commercial undertakings or state authorities if the obligation to transfer the data arises from the law.
VI Transferring health-related data
Vagodent has the right or is under the obligation to transfer the patient’s health-related personal data to the following authorities / commercial undertakings:
6.1 The health information system (e-Health Records). The details of the patient’s visits are transferred. The obligation to transfer arises from the Health Services Organisation Act.
6.2 To the Estonian Health Insurance Fund. Details of a visit are transferred if the dental service provided is paid for by the Estonian Health Insurance Fund. The obligation to transfer arises from the Health Insurance Act and from the contracts entered into by Vagodent and the Estonian Health Insurance Fund.
6.3 To other healthcare institutions (incl. dental laboratories). The health-related data which are required for providing medical services to the patient or for performing prosthetic operations are transferred.
6.4 To commercial undertakings or state authorities if the obligation to transfer the data arises from the law.
VII Disclosure of personal data
The personal data collected by Vagodent are disclosed:
7.1 if requested by the patient or the patient’s legal representative.
7.2 if the obligation to disclose arises from the law.
VIII Retention of data
8.1 Vagodent retains the patient’s health-related data for 110 years after the birth of the patient. The obligation to do so arises from the following regulation: ‘The conditions and procedure for maintaining records of the provision of health services and preservation of the documents thereof’.
IX The patient’s rights
9.1 The right to access the personal data about them (incl. receive print-outs or copies of the personal data about them).
9.2 The right to request rectification of the personal data about them if the data are incorrect or inaccurate.
9.3 The right to request deletion of their personal data, if permitted by the law.
9.4 The right to withdraw their consent to participate in the patient satisfaction survey.
9.5 The right to submit claims to the Estonian Data Protection Inspectorate (www.aki.ee Väike-Ameerika 19, 10129 Tallinn), if the patient finds that processing of personal data is not compliant with applicable legislation or violates their privacy.
X Contact details of the Data Protection Officer
10.1 Patients may address requests or complaints concerning the processing of personal data to the Data Protection Officer of Vagodent by telephone: 6776030, 6776031, 56216158; e-mail: info@vagodent.ee; or postal address: Sütiste tee 17, 13419 Tallinn.
XI Analytics
11.1 Vagodent.ee uses the Google Analytics software to measure the visits to the website. The data obtained help to understand the visitors’ behaviour on the website, as a result of which, we can make using the website more convenient for the visitors. The Google Analytics software uses several cookies that allow us to determine whether or not the visitors have visited the website before. If you have such cookies on your computer, the browser will notify us of this; if not, we will offer the cookies to your browser. This enables us to determine the number of unique visitors to the website, as well as the frequency of their visits. The cookies are only used for statistical purposes and they do not enable the identification of individual users. The personal data of the visitors are not transferred to Google. The main cookie used by Google Analytics is ‘__ga’.
11.2 Other cookies – the website of Vagodent.ee contains content from third parties (e.g. Facebook cookies).
11.3 Restriction or rejection of cookies – for this purpose, the user must adjust the settings of their browser based on their preferences.