Privacy and the use of your personal data
The Body Clinic attaches the highest importance to the protection of your data. We only use your data to keep your medical dossier up-to-date in order to provide you quality care; to inform you about your upcoming appointments; to ensure a satisfactory web experience, and—if desired—to send you our newsletter and related issues.
The Body Clinic only collects data necessary to our services. We respect your privacy and data. We never share your data with partners, unless:
- you give us consent to do so,
- we are legally bound to do so.
For customer contact to run smoothly, we collect the following information:
- The personal information you give us when visiting our website;
- The personal information we need to meet your requests for information or to adequately handle other questions.
Examples include your email address and your contact information. We use this data to carry out customer contact. We only process your data for the purpose for which you have lent to it us.
The Body Clinic observes the following legal principles
- Legal basis: processing of personal information will only occur when 1) unambiguous consent has been granted for this, or 2) it is necessary for a number of exhaustively listed interests (among which the broad term “justified interest”).
- Purpose limitation: personal information will exclusively be processed to explicitly defined and justified ends, not to just any end.
- Data minimisation: no more personal data than ultimately necessary is processed.
- Appropriate security: we always take the appropriate technical and organisational measures to safeguard the processing of your personal data.
We process your personal information in line with the General Data Protection Regulation (AVG). All partners brought in by us to handle the implementation of our services follow these same rules.
The Body Clinic is a collective of cosmetic doctors. The Body Clinic owns two private cosmetic clinics: one in Amsterdam and one in Duiven (near Arnhem). Your personal data is treated and safeguarded with the highest level of care and confidentiality. The Body Clinic processes personal information in accordance with the General Data Protection Regulation (AVG).
What comprises personal information?
Personal information comprises data by which you can be identified. Personal information can identify you directly or indirectly, that is: in combination with other data. Examples include your name, address and place of residence, date of birth, phone number and email address. An SSN/NIN, your login details or an IP address also qualify as personal information.
Collection and purpose of personal data processing
You can find the legal basis for processing your personal data in the AVG, Article 6, Lawfulness of Processing Personal Information.
The Body Clinic might collect personal data from all people to whom we render services, with whom we are in contact, who work for us or who visit our website. We always process your personal data in a lawful, respectful and transparent manner and never store your data longer than is necessary.
We collect the following categories of personal information:
- Particulars (e.g. name, address, place of residence, birthdate, gender, (mobile) phone number, email address)
- Email preferences (e.g. whether you have subscribed to or unsubscribed from our newsletter)
- Interaction information (e.g. your IP address, operating system, cookie IDs, surfing behaviour and which pages you visit on our website, open and click behaviour via our emails, preferences, opinions, needs, social media use or contact with our customer service).
All of these data are treated as private information.
The Body Clinic collects this information itself and possibly via third parties who, for example, might extend services on The Body Clinic’s behalf. The Body Clinic ensures that this information is destroyed when it is no longer relevant. Erasing this data is a secure process. Safeguarding your personal data is crucial, so we take zero risks when deleting this information too.
The Body Clinic processes personal data to the following ends
- To adequately provide our care and services.
- To improve the user-friendliness of our websites
- For internal (quality) analyses and product development. We use this information to improve our products and services.
Emails are confidential
The information in an email is confidential and is only intended for the addressee. Should you receive an email not intended for you, please contact the sender. In addition, we ask you to delete this email and not to publish its contents. If you make an appointment with us, you will receive a confirmation via email or text. This message will contain with whom you will be meeting, where and when the appointment will take place and a few tips. If you would no longer like to receive confirmation emails or texts, please contact us at [email protected] or via 020 4638668.
Your rights as data subject
You possess a number of rights as person involved:
- You possess the right of access to your personal data;
- You possess the right to rectify your personal data;
- You possess the right to limit your personal data;
- You possess the right to remove your personal data;
- You possess the right to object to the processing of your personal data;
- You possess the right to request your data be transferred to a different controller;
- You possess the right to retract your earlier given consent;
- You possess the right not to be subject to automated decisions;
- You possess the right to lodge a complaint with the Dutch Data Protection Authority (Dutch DPA) should you not be satisfied with the manner in which The Body Clinic treats your data. The Dutch DPA is obligated to handle these complaints.
As the responsible party, The Body Clinic must ensure the proper determination of the applicant’s identity. After the identity of the applicant has been established, he or she will have the right to access their personal information. If you submit a request, The Body Clinic shall respond within four weeks.
The processing of your data occurs under the responsibility of Ziatac Communications (www.ziatac.net). We have signed a processing agreement with Ziatac Communications. The confidentiality obligation applies to them as well.
Access, rectification and right to object
You may always contact us to request any information of yours that we register. You may also correct or supplement this information. Lastly, you reserve the right to object to certain parts of the processing. You can issue any of these requests with us.
Your privacy is safeguarded
We value your privacy and guarantee you that:
- we compile our visitor metrics anonymously;
- we never show third party advertisements on our website;
- we never sell to or share information with third parties.
All of our activities, including our online activities, are fully in accordance with the legal regulations of the AVG (Dutch Data Protection Authority).
Storing your data
We do not store your data longer than is necessary to ensure quality care and services to you, and to meet your wishes. If we no longer need your data, it is destroyed. We are legally obligated to store your dossier for 15 years as per the WBGO (Dutch Medical Treatment Agreement Act). We never process your data longer than is necessary to deliver quality care.
Next to this, you reserve the “right of forgetfulness.” In short, any person involved has the right to have their personal data erased without unreasonable delay in a number of cases:
- The personal data is no longer needed for the ends to which it has been collected or processed;
- The person involved withdraws his or her consent for processing, or objects to the processing;
- The personal data has been illegally processed;
- The personal data needs to be erased pursuant to Union law or domestic law.
Wherever necessary, we observe the statutory storage periods. We provide data minimisation in areas where these periods are not specified by law.
We secure your personal data in an appropriate manner against theft, loss or other possible illegal uses of this data. We have taken the necessary measures to prevent your personal data from being lost or stolen or being accessed by people unaffiliated with The Body Clinic.
If we detect a data leak, we will immediately—at least within 72 hours—alert the Dutch DPA.
You reserve the right to access, rectify or delete your personal data. You may submit a request to access, rectify or delete to [email protected]. The Body Clinic will respond to your request as soon as possible, at least within 2 months.
References to other websites or hyperlinks are solely meant to inform the visitor. We offer no guarantee of the accessibility or contents of the concerning websites. We cannot accept liability for the functioning of these websites or the information displayed on them.
The Body Clinic can be reached here:
Postal address: Achillesstraat 85, 1076 PX in Amsterdam
Business address Amsterdam clinic: Achillesstraat 85, 1076 PX in Amsterdam
Business address Duiven clinic: Ploenstraat 30, 6921 PN in Duiven
Telephone number: 020 4638668
Email address: [email protected]
Contact: Danielle Nederstigt, Clinic Manager