PRIVACY POLICY

Revised on 24.10.2022

Thank you for choosing to visit our website https://hyperbarium.com/ (hereinafter referred to as the website). The security of your data is crucial to us; we strive to use your data only for the purposes anticipated by you, solely to provide you with a safe and informative experience.

Through this Privacy Policy (hereinafter referred to as the Policy or Policies) we will inform you, the data subject (natural person whose personal data we process) about the personal data processing activities we carry out under EU Regulation No. 679/2016 (hereinafter referred to as GDPR).

By continuing to browse, you acknowledge and agree to this Policy. If, for any reason, you feel that our Policy does not meet your expectations, please discontinue your interaction with the site and contact us personally at the contact details provided in the Contact section.

1. Who are we?

The website https://hyperbarium.com/ is owned, maintained and operated by CENTRUL DE MEDICINĂ HIPERBARĂ S.R.L. (hereinafter referred to as Hyperbarium), a legal entity of Romanian nationality, with a registered office in Oradea, Calea Clujului 292/A, County Bihor, registered with ORC Bihor under no. J05/724/2022, CIF 45829930, acting as a personal data operator.

Hyperbarium is primarily active in the field of medical oxygen therapies.

The website contains an informative and promotional presentation of Hyperbarium's services and is designed to help you understand Hyperbarium's business profile and decide whether to contact us to schedule an appointment or a specialist consultation.

Alternatively and complementary to the website, Hyperbarium owns or controls a number of accounts or open pages on social networks or search services. These Policies may also govern your interaction with Hyperbarium through the following networks or services: Google Maps, Facebook, Instagram, LinkedIn, YouTube

2. The personal data we collect.

By visiting and browsing our website you may provide us with certain information about yourself that may directly or indirectly lead to your identification. Such information represents personal data, which Hyperbarium will process in accordance with the rules imposed by the GDPR.

2.1 Data provided by you.

If you choose to contact us via the contact form or via the contact details found in the Contact section, we will ask you to provide us with personal data that will facilitate communication with you, such as name, surname, telephone number, and e-mail address.

If you choose to contact us via search services or social media we will ask you to provide us with personal data that will facilitate communication with you, such as name, surname, and social media identifier (username, URL, QR code, etc.).

If you subscribe to our newsletter, we will ask you to provide us with the email address where you would like to receive news or promotions from Hyperbarium.

If you choose to interact with content distributed by Hyperbarium via social media (by reacting, commenting or sharing content) or if you compose reviews in relation to Hyperbarium's services, such actions may be considered by Hyperbarium as your intention to contact Hyperbarium, in which case the data found in that interaction may be processed to facilitate communication with you.

2.2 Special categories of data.

Your health data and biometric data are special categories of personal data, which Hyperbarium may choose to process exclusively by medical, paramedical or specially trained personnel, following a personal medical consultation on Hyperbarium premises.

We do not recommend that you submit health or biometric data to us via the Contact section or via social media or services as these communication channels are not always monitored by Hyperbarium medical, paramedical or specially trained staff. If, however, you choose to submit such special categories of data to us prior to receiving a personal medical consultation at Hyperbarium, please include in your written correspondence an unequivocal statement of your express consent to the processing of the special categories of data.

Hyperbarium reserves the right to immediately delete special categories of data received prior to a personal medical consultation at Hyperbarium and to invite the sender to schedule such a consultation.

2.3 Data we collect automatically.

When you visit our website, we may automatically collect a range of information including, but not limited to, your IP address, the date and time you accessed the website, the hardware (e.g. PC, phone, tablet, smart TV, etc.) and software (e.g. operating system, browser, settings, etc.) resources you use, the language in which you accessed the website or the location from which you visit the website.

2.4 Cookies policy.

Some information about your visit and interaction with the site may be collected automatically through cookies, which are small, alphanumeric digital files stored on your internet-connected device by your web browser.

Our website may use the following categories of cookies:

  • Necessary - inherent to visiting the site; without them, the site cannot be displayed and cannot function as designed by the site creator;
  • Functional - enhances or improves the experience of visiting the site by providing additional features such as remembering settings, forms, chat options etc.;
  • Statistics and performance - helps us understand how our site works, how you interact with the site, and how we can improve your experience and visitor interaction with the site; sometimes such cookies facilitate site security monitoring in Hyperbarium's legitimate interest to protect the site;
  • Promotional - these are cookies placed by third parties to facilitate the targeting of personalised advertising messages based on how you interact with the site.

In general, the data collected through cookies is anonymous and cannot lead to your identification. In the event that some cookies collect data that allows you to be identified, the data so collected will be subject to this Policy.

Please note that some cookies stored on your device are not automatically deleted after each visit to the site, but you can delete them manually by accessing the history settings of the browser you are using.

3. On what basis do we process the data?

The data presented in these Policies are processed primarily on the basis of your consent to data processing. Whenever you choose to contact us via the contact details found in the Contact section or via social media or search services we will assume that you agree to record your message and respond accordingly.

When you contact us to make an appointment within Hyperbarium or to request an offer in relation to Hyperbarium services, processing takes place on the basis of these approaches at your request, prior to the conclusion of a contract or for the performance of a contract.

Some data may be processed to pursue and protect Hyperbarium's legitimate interests, such as to conduct business, promote its services, organize customer and/or patient relations, optimize the operation of the site or monitor site traffic to prevent cyber attacks.

4. How, for what purpose and on what grounds do we use the collected data?

4.1 Communicating with you.

We use the personal data you have provided to us to contact and communicate with you. We will only use the data necessary for this purpose, as not provided by you, your authorised representatives or your legal representatives. Such actions can only take place with your consent.

If you receive any type of communication from Hyperbarium without ever contacting us first, please report the situation to us as soon as possible to investigate the incident and rule out any risk of fraud, identity theft or data leakage.

Reasons why we may contact you include:

  • Answering your queries about Hyperbarium services;
  • Confirming or reconfirming an appointment;
  • Transmission of contractual documents;
  • Regulation of financial details in relation to Hyperbarium services;
  • Requesting feedback or a review of Hyperbarium services;
  • Hyperbarium's reaction or response to your feedback or review.

4.2 Marketing activities.

We use your contact details to engage you in marketing activities that may be organised by Hyperbarium. Such actions can only take place with your consent.

Such activities may include:

  • Using your email address to send you our newsletter about our products, services and promotions. Your previous interaction with Hyperbarium or the website may be used to customize the content of the newsletter. You can unsubscribe at any time by clicking on the unsubscribe option at the end of each newsletter;
  • Using your phone number to inform you of periodic, temporary or exclusive promotions;
  • Using your contact details to offer you to sign up or participate in marketing research.

4.3 Improving the quality of our services.

Hyperbarium is a commercial company and the continuous improvement of service quality is a legitimate business interest that justifies the processing of certain categories of data.

We may use personal data such as your location, how and how often you have interacted with the site, our social media accounts or our services, and your feedback or reviews in order to improve the quality of our site and services.

Occasionally, certain categories of site traffic and site interaction data may be processed for site security monitoring purposes in consideration of our legitimate interest in preventing and/or combating cyber attacks.

5. To whom do we disclose processed data?

As a matter of principle, Hyperbarium does not make the collected data available to any other person.

Data may only be disclosed in isolated situations where this is necessary for the purposes of proper data processing; potential recipients may be:

  • Business partners, where you request information or services that require Hyperbarium to procure specific resources (e.g. equipment, devices, substances, etc.) or Hyperbarium to collaborate with third parties that organise integrated services (e.g. medical tourism);
  • Competent public authorities, when access to data is granted to them by law or when the disclosure of the data aims at protecting the legitimate interests of the data subject or protecting an overriding public interest (e.g. public health, prevention or detection of criminal or fraudulent behaviour, etc.).;
  • Other circumstances where we will ask for your prior consent to disclose data.

6. Persons authorised to process data.

Some processing activities will not be carried out through Hyperbarium employees or through Hyperbarium's technical resources, but through persons empowered by Hyperbarium and resources owned by them.

The scenarios for processing by authorised persons concern:

  • IT services and solutions necessary for the organisation of the business (e.g. hosting and maintenance of the website, hosting and maintenance of the e-mail service, configuration and maintenance of devices used for data storage and/or processing, etc.).;
  • Customer relations and marketing services (e.g. management of Hyperbarium accounts on social networks or search services, newsletter submission, etc.);
  • Legal and financial-accounting consultancy services.

Processors will be bound by legal, statutory or contractual obligations of confidentiality and will be obliged to respect the confidentiality of personal data at least to the standard defined by these Policies.

7. How long do we keep personal data?

We will retain personal data processed under these policies for as long as it is needed for the purpose for which it was collected. We will make reasonable efforts to delete any data that is redundant or no longer necessary for the purpose for which it was collected.

Accounting data will be kept for a legal period of 5 years.

In order to protect Hyperbarium's legitimate interests relating to legal certainty and the right of defence, other categories of data will be retained for at least the general limitation period of 3 years from the data subject's last interaction with Hyperbarium. If the 3-year period expires, but there are indications that the data subject will request or access Hyperbarium services in the future, the 3-year period may be extended.

8. Your rights.

We recognise and respect all your rights under the GDPR in particular:

  • The right to access and request a copy of the personal data we hold about you;
  • The right to rectify any inaccurate or incomplete personal data;
  • The right to object to or restrict our use of your data;
  • The right to the erasure of your personal data in cases where you withdraw your consent, the processing is no longer necessary or the processing is contrary to law;
  • The right to data portability, which allows you to receive a copy of your data processed by us or to transmit it to another entity indicated by you;
  • The right to object to the processing of your data;
  • The right to withdraw your consent for processing based on consent;
  • The right to lodge a complaint with the competent authorities, in particular, the National Supervisory Authority for Personal Data Processing (based in Bucharest, Blvd. Gheorghe Magheru no. 28-30, tel.: 031 80 59 211 /031 80 59 212, anspdcp@dataprotection.ro).

You may contact us to exercise any of these rights or for any other questions or information about these Policies using the contact details in the Contact section.